Changeset 1190

Timestamp:

Apr 16, 2006, 12:58:00 PM (18 years ago)

Author:

chrisaga

Message:

• merge trunc r1186:1187 into branch 1.6 (security in action.php)

File:

• branches/branch-1_6/action.php (modified) (1 diff)

branches/branch-1_6/action.php

@@ -66 +66 @@
 if ( isset( $_GET['dwn'] ) )
 {
-//TODO : verify the path begins with './gallerie' and doesn't contains any '..'
-// in order to avoid hacking atempts
+//TODO : verify the path begins with something in galleries_url and that user has access rights to the picture
+// in order to avoid hacking atempts by forged url
+  if (preg_match('/\.\./',$_GET['dwn'])) {
+    die('Hacking attempt!');
+  }
   force_download($_GET['dwn']);
 }