[security] Fixed local file inclusion vulnerability and code execution, see PMASA-2011-11

Herman van Rink
2011-07-08 21:41:05 +02:00
parent 3caa6cbb7e
commit 3ae58f0cd6
3 changed files with 15 additions and 9 deletions


@@ -37,7 +37,9 @@ include_once("./libraries/schema/Export_Relation_Schema.class.php");
* default is PDF
*/
global $db,$export_type;
$export_type = isset($export_type) ? $export_type : 'pdf';
if (!isset($export_type) || !preg_match('/^[a-zA-Z]+$/', $export_type)) {
$export_type = 'pdf';
}
PMA_DBI_select_db($db);
$path = PMA_securePath(ucfirst($export_type));
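Review bot: The new pattern `/^[a-zA-Z]+$/` still accepts a value that ends in a line break, because `$` without the `D` modifier also matches just before a final newline; anchoring with `\z` closes that gap: `if (!isset($export_type) || !is_string($export_type) || !preg_match('/^[a-zA-Z]+\z/', $export_type)) {`. The added `is_string()` test makes the fallback explicit if `$export_type` can arrive as an array, a case that otherwise reaches `preg_match()` and appears to fall back to 'pdf' only as a side effect of its failure. A short comment above the check, for example `// letters only: $export_type is used to build the name of the schema class file`, would record why the restriction exists. The code that consumes `$path` lies outside this hunk, so whether `PMA_securePath()` or a later existence check already rejects such values cannot be confirmed from here.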