AIR
/
mxml
mirror of https://github.com/michaelrsweet/mxml.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Useless XSS fix.

Browse Source
pull/193/head
Michael R Sweet 16 years ago
parent 6788efa5ce
commit 51e76f4109
1 changed files with 8 additions and 1 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 9
      www/software.php

9
www/software.php
Unescape View File

@ -23,11 +23,18 @@ fclose($fp);
// Get form data, if any...
if (array_key_exists("FILE", $_GET))
{
$file = $_GET["FILE"];
if (strpos($file, "../") !== FALSE ||
!file_exists("/home/ftp.easysw.com/pub/$file"))
$file = "";
}
else
$file = "";
if (array_key_exists("SITE", $_GET))
if (array_key_exists("SITE", $_GET) &&
array_key_exists($_GET["SITE"], $PROJECT_SITELIST))
{
$site = $_GET["SITE"];
setcookie("SITE", $site, time() + 90 * 86400, "/");

Write Preview
Loading…
Cancel
Save