From: <abe...@us...> - 2016-09-30 14:47:28
Revision: 7871 http://sourceforge.net/p/astlinux/code/7871 Author: abelbeck Date: 2016-09-30 14:47:25 +0000 (Fri, 30 Sep 2016) Log Message: ----------- web interface, info helper script, added topic sanity check Modified Paths: -------------- branches/1.0/package/webinterface/altweb/info.php Modified: branches/1.0/package/webinterface/altweb/info.php =================================================================== --- branches/1.0/package/webinterface/altweb/info.php 2016-09-30 03:57:26 UTC (rev 7870) +++ branches/1.0/package/webinterface/altweb/info.php 2016-09-30 14:47:25 UTC (rev 7871) @@ -1,6 +1,6 @@ <?php -// Copyright (C) 2008-2009 Lonnie Abelbeck +// Copyright (C) 2008-2016 Lonnie Abelbeck // This is free software, licensed under the GNU General Public License // version 3 as published by the Free Software Foundation; you can // redistribute it and/or modify it under the terms of the GNU @@ -8,6 +8,7 @@ // info.php for AstLinux // 12-09-2008 +// 09-30-2016, Added topic sanity check // // Function: getSYSlocation @@ -29,6 +30,9 @@ if ($topic === '' || $ifile === '') { exit; } +if (! preg_match('/^[a-zA-Z0-9_-]*$/', $topic)) { + exit; +} $tmpfile = tempnam("/tmp", "PHP_"); @exec('sed -n "/^\[\['.$topic.'\]\]/,/^\[\[/ p" '.$ifile.' | sed "/^\[\[/ d" >'.$tmpfile); This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
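Review bot: In the last hunk of info.php (@@ -29,6 +30,9 @@), the new `preg_match('/^[a-zA-Z0-9_-]*$/', $topic)` check anchors with `$` and no `D` modifier, so in PCRE a `$topic` that ends in a single newline still matches. Use `\z` instead of `$` (or add the `D` modifier) so that only the listed characters can reach the sed expression. The `*` quantifier could also be `+`, although the empty case is already rejected by the `$topic === ''` test just above. The check covers `$topic` only: in the trailing context line `$ifile` is still concatenated unquoted into the `@exec('sed -n ...')` command, so it should be wrapped in `escapeshellarg()` or validated against an allow-list in the same way, unless it is already constrained in code outside the visible lines.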