diff options
author | chrisaga <chrisaga@piwigo.org> | 2006-04-16 10:58:00 +0000 |
---|---|---|
committer | chrisaga <chrisaga@piwigo.org> | 2006-04-16 10:58:00 +0000 |
commit | c4f5086a071b568f8c75a00dff71ee3266da7680 (patch) | |
tree | 7450fa301a03677bc50750ce348332cd4ce8ac57 | |
parent | e923145cecbe98a74af133ddc5f47e50fec13693 (diff) |
- merge trunc r1186:1187 into branch 1.6 (security in action.php)
git-svn-id: http://piwigo.org/svn/branches/branch-1_6@1190 68402e56-0260-453c-a942-63ccdbb3a9ee
-rw-r--r-- | action.php | 7 |
1 files changed, 5 insertions, 2 deletions
diff --git a/action.php b/action.php index ef635a4d1..c20b07d3a 100644 --- a/action.php +++ b/action.php @@ -65,8 +65,11 @@ function force_download ($filename) //--------------------------------------------------------- download big picture if ( isset( $_GET['dwn'] ) ) { -//TODO : verify the path begins with './gallerie' and doesn't contains any '..' -// in order to avoid hacking atempts +//TODO : verify the path begins with something in galleries_url and that user has access rights to the picture +// in order to avoid hacking atempts by forged url + if (preg_match('/\.\./',$_GET['dwn'])) { + die('Hacking attempt!'); + } force_download($_GET['dwn']); } |