extern/egroupware
1
0
Fork 1
mirror of https://github.com/EGroupware/egroupware.git synced 2024-10-05 09:42:30 +02:00
Code Issues Packages Projects Releases Wiki Activity

added some security checks

Browse Source
This commit is contained in:
seek3r 2001-11-12 21:24:52 +00:00
parent 98c8c37409
commit a52845ec21
1 changed files with 12 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
doc/inlinedocparser.php
View File

@ -14,14 +14,23 @@
$types = array('abstract','param','example','syntax','result','description','discussion','author','copyright','package','access');
if(!$app)
if($app)
{
if (!preg_match("/^[a-zA-Z0-9-_]+$/i",$app))
{
echo 'Invalid application<br>';
exit;
}
}
else
{
$app = 'phpgwapi';
}
if ($fn)
{
if (preg_match("/^class\.[a-zA-Z0-9]\.inc\.php+$/i",$fn)){
if (preg_match("/^class\.([a-zA-Z0-9-_]*)\.inc\.php+$/",$fn))
{
$files[] = $fn;
}
else
@ -46,11 +55,9 @@
while(list($key, $value) = each($files))
{
//echo '$key = '.$key.' and $value = '.$value.'<br>';
if (!preg_match("/^class\.(.*)\.inc\.php+$/",$value))
if (!preg_match("/^class\.([a-zA-Z0-9-_]*)\.inc\.php+$/",$value))
{
unset($files[$key]);
//echo '#'.$key.' is bad, and should be unset<br>';
}
}