[Openupload-svn-update] SF.net SVN: openupload:[246] trunk/lib/modules/default/files.inc.php
Status: Beta
Brought to you by:
tsdogs
Menu
▾
▴
[Openupload-svn-update] SF.net SVN: openupload:[246] trunk/lib/modules/default/files.inc.php
|
From: <ts...@us...> - 2009-02-06 21:01:03
|
Revision: 246
http://openupload.svn.sourceforge.net/openupload/?rev=246&view=rev
Author: tsdogs
Date: 2009-02-06 21:00:59 +0000 (Fri, 06 Feb 2009)
Log Message:
-----------
fix nasty security bug #2573950 for removal too
Modified Paths:
--------------
trunk/lib/modules/default/files.inc.php
Modified: trunk/lib/modules/default/files.inc.php
===================================================================
--- trunk/lib/modules/default/files.inc.php 2009-02-06 20:26:35 UTC (rev 245)
+++ trunk/lib/modules/default/files.inc.php 2009-02-06 21:00:59 UTC (rev 246)
@@ -426,7 +426,7 @@
if ($id != '') {
$finfo = $this->loadFile($id);
$r = isset($_GET['removeid'])?$_GET['removeid']:$_GET['r'];
- if ($finfo[0]['id']!=$id) {
+ if ($finfo[0]['id']!=$id or isset($finfo[0]['group'])) {
app()->error(tr('Wrong file id!'));
redirect();
} else if ($r!=$finfo[0]['remove']) {
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
