From: <ji...@us...> - 2006-02-15 08:32:14
Update of /cvsroot/phpicalendar/phpicalendar/functions In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv5429/phpicalendar/functions Modified Files: template.php Log Message: fix path bug introduced by security patch in 2.21 release
Index: template.php
===================================================================
RCS file: /cvsroot/phpicalendar/phpicalendar/functions/template.php,v
retrieving revision 1.81
retrieving revision 1.82
diff -C2 -d -r1.81 -r1.82
*** template.php 9 Feb 2006 04:37:12 -0000 1.81
--- template.php 15 Feb 2006 08:32:05 -0000 1.82
***************
*** 1037,1046 ****
global $template;
ob_start();
! $file = str_replace("..","",$file);
! if (strpos($file, "$template") > 0 || $file =='./functions/event.js'){
! include($file);
! $buffer = ob_get_contents();
! ob_end_clean();
! return $buffer;
}else{
die('breakin attempt');
--- 1037,1045 ----
global $template;
ob_start();
! if (strpos($file, "$template") > 0 || $file =='./functions/event.js'){
! include($file);
! $buffer = ob_get_contents();
! ob_end_clean();
! return $buffer;
}else{
die('breakin attempt');
|
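Review bot: With the `str_replace("..","",$file)` line removed, the `include($file)` on the new side is guarded only by `strpos($file, "$template") > 0`, a substring test that accepts any path merely containing the template name, including one with `..` segments. Rather than restoring the string replacement (which the log message says broke legitimate paths), canonicalise first and compare against the allowed directory: `$real = realpath($file);` and include only when `$real !== false && strpos($real, $allowed_root) === 0`, where `$allowed_root` is a placeholder for the resolved templates directory with a trailing separator. The `> 0` comparison also rejects a match at offset 0 in the same way as no match; if that is intended, a comment saying so would help. The enclosing function starts and ends outside the hunk, so how `$file` reaches this check is not visible here.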