nettika/phpmyadmin
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

for marc :-)

Browse Source
This commit is contained in:
Michal Čihař
2004-06-15 15:36:56 +00:00
parent 67d381bb22
commit 9e75a51fd0
1 changed files with 21 additions and 21 deletions
Download Patch File Download Diff File Expand all files Collapse all files

42
libraries/common.lib.php
View File

@@ -238,25 +238,6 @@ if ($is_minimum_common == FALSE) {
function PMA_generateHiddenMaxFileSize($max_size){
return '<input type="hidden" name="MAX_FILE_SIZE" value="' .$max_size . '" />';
}
/**
* Removes insecure parts in a path; used before include() or
* require() when a part of the path comes from an insecure source
* like a cookie or form.
*
* @param string The path to check
*
* @return string The secured path
*
* @access public
* @author Marc Delisle (lem9@users.sourceforge.net)
*/
function PMA_securePath($path) {
// change .. to .
$path = preg_replace('@\.\.*@','.',$path);
return $path;
} // end function
/**
* Charset conversion.
@@ -269,6 +250,26 @@ if ($is_minimum_common == FALSE) {
require_once('./libraries/string.lib.php');
}
/**
* Removes insecure parts in a path; used before include() or
* require() when a part of the path comes from an insecure source
* like a cookie or form.
*
* @param string The path to check
*
* @return string The secured path
*
* @access public
* @author Marc Delisle (lem9@users.sourceforge.net)
*/
function PMA_securePath($path) {
// change .. to .
$path = preg_replace('@\.\.*@','.',$path);
return $path;
} // end function
// If zlib output compression is set in the php configuration file, no
// output buffering should be run
if (@ini_get('zlib.output_compression')) {
@@ -317,8 +318,7 @@ if (!isset($_COOKIE['pma_theme']) || empty($_COOKIE['pma_theme'])){
$GLOBALS['theme'] = $_COOKIE['pma_theme'];
if ($_COOKIE['pma_theme'] != 'original') {
$pmaThemeImage = './' . $cfg['ThemePath'] . '/' . $_COOKIE['pma_theme'] . '/img/';
//$tmp_color_file = './' . $cfg['ThemePath'] . '/' . PMA_securePath($_COOKIE['pma_theme']) . '/colors.inc.php';
$tmp_color_file = './' . $cfg['ThemePath'] . '/' . $_COOKIE['pma_theme'] . '/colors.inc.php';
$tmp_color_file = './' . $cfg['ThemePath'] . '/' . PMA_securePath($_COOKIE['pma_theme']) . '/colors.inc.php';
if (@file_exists($tmp_color_file)) {
include($tmp_color_file);
}