The branch, master has been updated via 6c92b02f81c2296382d60bd66653d296628e926e (commit) from 8fcb4720e2138429df9f9c3a197187882c0c51ef (commit)

- Log ----------------------------------------------------------------- commit 6c92b02f81c2296382d60bd66653d296628e926e Author: Michal Čihař mcihar@suse.cz Date: Thu Aug 4 15:08:38 2011 +0200

Avoid using $_REQUEST all over the code

-----------------------------------------------------------------------

Summary of changes: file_echo.php | 10 ++++++---- 1 files changed, 6 insertions(+), 4 deletions(-)

diff --git a/file_echo.php b/file_echo.php index f829853..2add078 100644 --- a/file_echo.php +++ b/file_echo.php @@ -24,13 +24,15 @@ if (isset($_REQUEST['filename']) && isset($_REQUEST['image'])) { * Check file name to match mime type and not contain new lines * to prevent response splitting. */ - if (! preg_match('/^[^\n\r]*.' . $allowed[$_REQUEST['type']] . '$/', $_REQUEST['filename'])) { + $extension = $allowed[$_REQUEST['type']]; + $valid_match = '/^[^\n\r]*.' . $extension . '$/'; + if (! preg_match($valid_match, $_REQUEST['filename'])) { if (! preg_match('/^[^\n\r]*$/', $_REQUEST['filename'])) { /* Add extension */ - $filename = 'dowload.' . $allowed[$_REQUEST['type']]; + $filename = 'dowload.' . $extension; } else { /* Filename is unsafe, discard it */ - $filename = $_REQUEST['filename'] . '.' . $allowed[$_REQUEST['type']]; + $filename = $_REQUEST['filename'] . '.' . $extension; } } else { /* Filename from request should be safe here */ @@ -41,7 +43,7 @@ if (isset($_REQUEST['filename']) && isset($_REQUEST['image'])) { PMA_download_header($filename, $_REQUEST['type']);

/* Send data */ - if ($allowed[$_REQUEST['type']] != 'svg') { + if ($extension != 'svg') { echo base64_decode(substr($_REQUEST['image'], strpos($_REQUEST['image'],',') + 1)); } else { echo $_REQUEST['image'];

hooks/post-receive