diff options
author | 2001-09-13 15:55:18 +0000 | |
---|---|---|
committer | 2001-09-13 15:55:18 +0000 | |
commit | 5ab3d3c821df9dbe713fd2d4750b3968de3a3b74 (patch) | |
tree | 804b0dd856bde175a742423fe5e18ee295fe778c /html/smallpage.php | |
parent | 954af91adb23aaae6203ccc228d20d7185445450 (diff) |
Fix two more gaping holes letting people examine whole filesystem (also fixed in server anyway)
Diffstat (limited to 'html/smallpage.php')
-rw-r--r-- | html/smallpage.php | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/html/smallpage.php b/html/smallpage.php index 64f538a3..ef165c6d 100644 --- a/html/smallpage.php +++ b/html/smallpage.php @@ -1,6 +1,12 @@ <?php require('functions.php3'); small_header($title); - include($file); + if (substr($file,0,1)=="." or + substr($file,0,1)=="/" or + substr($file,0,1)=="~") { + print "Sorry, can't show you that file!\n"; + } else { + include($file); + } footer(); ?> |