Changeset 1838
- Timestamp:
- 12/08/2011 11:25:14 PM (18 months ago)
- Location:
- branches/1.3.2
- Files:
-
- 2 modified
-
actions/files/files.php (modified) (1 diff)
-
version.php (modified) (1 diff)
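--- a/branches/1.3.2/actions/files/files.php
+++ b/branches/1.3.2/actions/files/files.php
@@ -188,13 +188,29 @@
     }
 
+    // Sanitize filenames to prevent path traversal attacks
     $action = $this->GetSafeVar('action', 'get');
     $file = $this->GetSafeVar('file', 'get');
     $file_to_delete = $this->GetSafeVar('file_to_delete', 'post');
-    $prohibited_filepath_tokens = "/^[\.\/\\\]/";
-    if(preg_match($prohibited_filepath_tokens, $file) ||
-        preg_match($prohibited_filepath_tokens, $file_to_delete))
-    {
-        $this->Redirect($this->Href(), T_("Sorry, files of this type are not allowed."));
-    }
+
+    $fileregex = "/^.*?([^\.\/\\\]+\.[A-Za-z0-9]{2,4})$/";
+    if(isset($_GET['file']))
+    {
+        $matches = '';
+        preg_match($fileregex, $file, $matches);
+        if(isset($matches[1]))
+            $file = $matches[1];
+        else
+            $this->Redirect('', T_("Invalid filename"));
+    }
+    if(isset($_POST['file_to_delete']))
+    {
+        $matches = '';
+        preg_match($fileregex, $file_to_delete, $matches);
+        if(isset($matches[1]))
+            $file_to_delete = $matches[1];
+        else
+            $this->Redirect('', T_("Invalid filename"));
+    }
+
 
     // 1a. User has requested a file to be deleted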
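Review bot: The new `$fileregex` check silently rewrites a path-like value to its last component instead of rejecting it, because the lazy `^.*?` swallows any leading directories and dots: a `file` of `../dir/x.txt` is acted on as `x.txt`, and `a.tar.gz` becomes `tar.gz`, so a malformed or traversal-shaped request proceeds under a different name rather than being refused as the removed `$prohibited_filepath_tokens` check did. Rejecting anything the regex had to trim keeps the traversal protection and makes the intent explicit: `if(isset($matches[1]) && $matches[1] === $file)` for the GET branch, and the same comparison against `$file_to_delete` in the POST branch. Both `else` branches also depend on `$this->Redirect()` never returning; its definition is not in this hunk, and if it does return, `$file` and `$file_to_delete` keep the unsanitized value for the rest of the method, so an explicit `return;` after each redirect would be safer. The enclosing method starts before and ends after this hunk.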
branches/1.3.2/version.php
r1834 r1838 32 32 * and does not need to be changed for major/minor releases. 33 33 */ 34 if(!defined('WIKKA_PATCH_LEVEL')) define('WIKKA_PATCH_LEVEL', ' 4');34 if(!defined('WIKKA_PATCH_LEVEL')) define('WIKKA_PATCH_LEVEL', '6'); 35 35 ?>