From a12663d2d0a8038b77b3fc96df6399292f7b5772 Mon Sep 17 00:00:00 2001
From: Marc Delisle <marc@infomarc.info>
Date: Tue, 15 Jun 2004 14:50:22 +0000
Subject: [PATCH] PMA_securePath

---
 libraries/common.lib.php | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)

diff --git a/libraries/common.lib.php b/libraries/common.lib.php
index 66c3a4b04..79ff6714b 100644
--- a/libraries/common.lib.php
+++ b/libraries/common.lib.php
@@ -2061,6 +2061,25 @@ if (typeof(document.getElementById) != 'undefined'
         }
     } // end function
 
+    /**
+     * Removes insecure parts in a path; used before include() or
+     * require() when a part of the path comes from an insecure source
+     * like a cookie or form.
+     *
+     * @param    string  The path to check
+     *
+     * @return   string  The secured path
+     *                  
+     * @access  public
+     * @author  Marc Delisle (lem9@users.sourceforge.net)
+     */
+    function PMA_securePath($path) {
+
+        // change .. to .
+        $path = preg_replace('@\.\.*@','.',$path);
+
+        return $path; 
+    } // end function
 
     // Kanji encoding convert feature appended by Y.Kawada (2002/2/20)
     if (@function_exists('mb_convert_encoding')