diff options
| author | chrisaga <chrisaga@piwigo.org> | 2006-04-16 10:58:00 +0000 |
|---|---|---|
| committer | chrisaga <chrisaga@piwigo.org> | 2006-04-16 10:58:00 +0000 |
| commit | c4f5086a071b568f8c75a00dff71ee3266da7680 (patch) | |
| tree | 7450fa301a03677bc50750ce348332cd4ce8ac57 /action.php | |
| parent | e923145cecbe98a74af133ddc5f47e50fec13693 (diff) | |
- merge trunc r1186:1187 into branch 1.6 (security in action.php)
git-svn-id: http://piwigo.org/svn/branches/branch-1_6@1190 68402e56-0260-453c-a942-63ccdbb3a9ee
Diffstat (limited to '')
| -rw-r--r-- | action.php | 7 |
1 files changed, 5 insertions, 2 deletions
diff --git a/action.php b/action.php index ef635a4d1..c20b07d3a 100644 --- a/action.php +++ b/action.php @@ -65,8 +65,11 @@ function force_download ($filename) //--------------------------------------------------------- download big picture if ( isset( $_GET['dwn'] ) ) { -//TODO : verify the path begins with './gallerie' and doesn't contains any '..' -// in order to avoid hacking atempts +//TODO : verify the path begins with something in galleries_url and that user has access rights to the picture +// in order to avoid hacking atempts by forged url + if (preg_match('/\.\./',$_GET['dwn'])) { + die('Hacking attempt!'); + } force_download($_GET['dwn']); } |