[svn r21121] Fixed vulnerable get parameter: search_folder - partial FS#4261

skala
Cristian Fasanando 17 years ago
parent e91943ae28
commit a44d43cda4
  1. 7
      main/inc/lib/fckeditor/editor/plugins/ajaxfilemanager/ajax_get_file_listing.php

@ -7,7 +7,7 @@
* @since 22/May/2007 * @since 22/May/2007
* *
* Modify for Dokeos * Modify for Dokeos
* @author Juan Carlos Raña * @author Juan Carlos Ra<EFBFBD>a
* @since 31/December/2008 * @since 31/December/2008
*/ */
@ -22,11 +22,14 @@
include_once(dirname(__FILE__) . DIRECTORY_SEPARATOR . "inc" . DIRECTORY_SEPARATOR . "config.php"); include_once(dirname(__FILE__) . DIRECTORY_SEPARATOR . "inc" . DIRECTORY_SEPARATOR . "config.php");
include_once(CLASS_PAGINATION); include_once(CLASS_PAGINATION);
$pagination = new pagination(false); $pagination = new pagination(false);
$search_folder = str_replace("'","",$_GET['search_folder']);
if(!empty($_GET['search'])) if(!empty($_GET['search']))
{ {
include_once(CLASS_SEARCH); include_once(CLASS_SEARCH);
$search = new Search($_GET['search_folder']); $search = new Search($search_folder);
$search->addSearchKeyword('recursive', @$_GET['search_recursively']); $search->addSearchKeyword('recursive', @$_GET['search_recursively']);
$search->addSearchKeyword('mtime_from', @$_GET['search_mtime_from']); $search->addSearchKeyword('mtime_from', @$_GET['search_mtime_from']);
$search->addSearchKeyword('mtime_to', @$_GET['search_mtime_to']); $search->addSearchKeyword('mtime_to', @$_GET['search_mtime_to']);
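Review bot: The added `$search_folder = str_replace("'","",$_GET['search_folder']);` strips only single quotes, so the value passed to `new Search($search_folder)` is still request-controlled in every other respect; if Search treats it as a directory to scan, as the parameter name suggests, nothing in this hunk confines it to the file manager's root. The page does not show which sink the quote was breaking, so a character filter is better replaced by validation at this boundary: resolve the folder with `realpath()`, reject it unless the result lies under the configured upload root, and escape the value for its output context wherever it is later echoed. The same line reads `$_GET['search_folder']` unconditionally, outside the `if(!empty($_GET['search']))` guard, and accepts a non-string value; `$search_folder = (isset($_GET['search_folder']) && is_string($_GET['search_folder'])) ? $_GET['search_folder'] : '';` before the validation covers both. The `search_recursively`, `search_mtime_from` and `search_mtime_to` parameters still reach `addSearchKeyword()` unfiltered behind `@`, and the `if` block continues past the end of the hunk, so later uses of these values cannot be checked from here.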
