author | chrisaga <chrisaga@piwigo.org> | 2006-04-16 10:53:01 +0000 |
committer | chrisaga <chrisaga@piwigo.org> | 2006-04-16 10:53:01 +0000 |
commit | a21c222f39689b70baa92cb1267b1b024507cc0e (patch) | |
tree | be94910a7d4eb42b30b41f9bd5291e7c6f99c7aa | |
parent | 162773bd36b75c268c77dda094a71df09e4fe701 (diff) |
- security : add some control to the download url. Somebody should take it over for other controls
git-svn-id: http://piwigo.org/svn/trunk@1187 68402e56-0260-453c-a942-63ccdbb3a9ee
-rw-r--r-- | action.php | 7 |
1 files changed, 5 insertions, 2 deletions
diff --git a/action.php b/action.php
index ef635a4d1..c20b07d3a 100644
--- a/action.php
+++ b/action.php
@@ -65,8 +65,11 @@ function force_download ($filename)
 //--------------------------------------------------------- download big picture
 if ( isset( $_GET['dwn'] ) ) {
-//TODO : verify the path begins with './gallerie' and doesn't contains any '..'
-// in order to avoid hacking atempts
+//TODO : verify the path begins with something in galleries_url and that user has access rights to the picture
+// in order to avoid hacking atempts by forged url
+ if (preg_match('/\.\./',$_GET['dwn'])) {
+ die('Hacking attempt!');
+ }
 force_download($_GET['dwn']);
 }
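Review bot: The `..` filter is a denylist and still leaves `force_download($_GET['dwn'])` reachable with any absolute path or any file under the web root whose path contains no `..`, so a forged URL can fetch arbitrary readable files (configuration includes, for instance — to be confirmed against what the web server exposes). Instead of rejecting one pattern, canonicalise the requested path with `realpath()` and serve it only when it resolves inside the local galleries directory the TODO refers to (the variable below stands for whatever that configured path is); the access-rights check the TODO also mentions still has to be layered on top, ideally by looking the picture up by id rather than accepting a filesystem path at all. Passing the canonical path rather than the raw parameter on to `force_download` also keeps the function from re-interpreting the user string. The body of `force_download` lies outside this hunk.
```php
  // Canonicalise and confine the download to the galleries directory;
  // $galleries_root must be the configured local galleries path (see TODO above).
  $path = realpath($_GET['dwn']);
  $root = realpath($galleries_root);
  if ($path === false || $root === false
      || strncmp($path, $root.'/', strlen($root) + 1) !== 0)
  {
    die('Hacking attempt!');
  }
  force_download($path);
```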