extern/egroupware_official
1
0
Fork 0
mirror of https://github.com/EGroupware/egroupware.git synced 2024-11-23 00:13:35 +01:00
Code Issues Packages Projects Releases Wiki Activity

fix problem reported by Fabio Ciuffani / John Leitch <john@autosectools.com>

Browse Source
This commit is contained in:
Ralf Becker 2011-08-03 07:18:17 +00:00
parent 11da1388eb
commit 050875995c
1 changed files with 1 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
admin/remote.php
View File

@ -67,6 +67,7 @@ if (is_object($cmd))
// check if requests contains a reasonable looking admin command to be queued // check if requests contains a reasonable looking admin command to be queued
if (!$_REQUEST['uid'] || // no uid if (!$_REQUEST['uid'] || // no uid
!$_REQUEST['type'] || // no command class name !$_REQUEST['type'] || // no command class name
!preg_match('/^[a-z0-9_]+$/i', $_REQUEST['type']) || // type is a (autoloadable) class name, prevent inclusion of arbitrary files
!$_REQUEST['creator_email']) // no creator email !$_REQUEST['creator_email']) // no creator email
{ {
header("HTTP/1.1 200 Bad format!"); header("HTTP/1.1 200 Bad format!");