nlopess Sun Mar 21 15:02:42 2004 EDT
Modified files:
/livedocs common.php
Log:
fixing possible security bug in &lang
http://cvs.php.net/diff.php/livedocs/common.php?r1=1.9&r2=1.10&ty=u
Index: livedocs/common.php
diff -u livedocs/common.php:1.9 livedocs/common.php:1.10
--- livedocs/common.php:1.9 Sun Mar 21 05:45:15 2004
+++ livedocs/common.php Sun Mar 21 15:02:40 2004
@@ -18,7 +18,7 @@
// | Common PHP header, with some basic settings |
// +----------------------------------------------------------------------+
//
-// $Id: common.php,v 1.9 2004/03/21 10:45:15 nlopess Exp $
+// $Id: common.php,v 1.10 2004/03/21 20:02:40 nlopess Exp $
set_magic_quotes_runtime(0);
/*$compare = version_compare(phpversion(), '5.0.0RC1');
@@ -53,6 +53,11 @@
}
} else {
$lang = preg_replace(LANGREG, '', $_GET['l']);
+
+ $languages = explode(' ', LANGUAGES);
+ if (!in_array($lang, $languages)){
+ $lang = FALLBACK_LANG;
+ }
}
define('BASE', PHPDOC . "/$lang/");
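Review bot: The allow-list check is added only inside the `else` branch, so a `$lang` assigned by the preceding branch (which starts outside this hunk) still reaches `define('BASE', PHPDOC . "/$lang/")` without being compared against `LANGUAGES`. If that branch can take its value from request data, the check belongs after the closing brace so both paths go through it before the path is built. The membership test should also be strict, `if (!in_array($lang, $languages, true)) {`, so the comparison is always string-to-string rather than PHP's loose comparison. `LANGUAGES` is defined outside this hunk; if it can contain a doubled or trailing space, `explode(' ', LANGUAGES)` produces an empty entry and an empty `$lang` would pass the check, so either drop empty entries or add a comment such as `// LANGUAGES must be a single-space separated list with no empty entries`.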