nettika/phpmyadmin
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix path disclossure while passing array as some params.

Browse Source
This commit is contained in:
Michal Čihař
2006-11-17 09:32:19 +00:00
parent 609eaa7f75
commit 7e5f61842c
6 changed files with 43 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
libraries/select_lang.lib.php
View File

@@ -39,6 +39,9 @@ function PMA_langCheck()
if (! empty($_POST['lang'])) {
if (PMA_langSet($_POST['lang'])) {
return true;
} elseif (!is_string($_POST['lang'])) {
/* Faked request, don't care on localisation */
$GLOBALS['lang_failed_request'] = 'Yes';
} else {
$GLOBALS['lang_failed_request'] = $_POST['lang'];
}
@@ -48,6 +51,9 @@ function PMA_langCheck()
if (! empty($_GET['lang'])) {
if (PMA_langSet($_GET['lang'])) {
return true;
} elseif (!is_string($_GET['lang'])) {
/* Faked request, don't care on localisation */
$GLOBALS['lang_failed_request'] = 'Yes';
} else {
$GLOBALS['lang_failed_request'] = $_GET['lang'];
}
@@ -57,6 +63,9 @@ function PMA_langCheck()
if (! empty($_COOKIE['pma_lang'])) {
if (PMA_langSet($_COOKIE['pma_lang'])) {
return true;
} elseif (!is_string($_COOKIE['lang'])) {
/* Faked request, don't care on localisation */
$GLOBALS['lang_failed_request'] = 'Yes';
} else {
$GLOBALS['lang_failed_cookie'] = $_COOKIE['pma_lang'];
}
@@ -95,7 +104,7 @@ function PMA_langCheck()
*/
function PMA_langSet(&$lang)
{
if (empty($lang) || empty($GLOBALS['available_languages'][$lang])) {
if (!is_string($lang) || empty($lang) || empty($GLOBALS['available_languages'][$lang])) {
return false;
}
$GLOBALS['lang'] = $lang;