Sanitize 'page' GET parameter in login.php
parent
588beb3c05
commit
6a6e7db2ce
@ -43,7 +43,7 @@
$_SESSION['DISPLAYNAME'] = strtoupper(trim($_POST['username']));
$_SESSION['DISPLAYNAME'] = strtoupper(trim($_POST['username']));
$_SESSION['LOGIN'] = 'true';
$_SESSION['LOGIN'] = 'true';
header("Location: index.php?page=".$_REQUEST['page']);
header("Location: index.php?page=".urlencode($_REQUEST['page']));
die();
die();
}
}
}
}
@ -56,8 +56,8 @@
}
}
}
}
if(file_exists("./pages/".@$_REQUEST['page'].".php"))
if(isset($_REQUEST['page']) && preg_match('[0-9a-zA-Z]{1-100}') && file_exists("./pages/".$_REQUEST['page'].".php"))
$HTML->ReplaceLayoutInhalt("%%PAGENAME%%", @$_REQUEST['page']);
$HTML->ReplaceLayoutInhalt("%%PAGENAME%%", urlencode($_REQUEST['page']));
|
$HTML->ReplaceLayoutInhalt("%%LOGINMESSAGE%%", "");
$HTML->ReplaceLayoutInhalt("%%LOGINMESSAGE%%", "");
$HTML->ReplaceLayoutInhalt("%%LASTUSERNAME%%", "");
$HTML->ReplaceLayoutInhalt("%%LASTUSERNAME%%", "");
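Review bot: The new guard `preg_match('[0-9a-zA-Z]{1-100}')` on the `file_exists` line of the second hunk does not validate the parameter at all: preg_match is called without the subject string (PHP 8 throws ArgumentCountError; PHP 7 emits a warning and returns null, so the whole condition is always false and the branch is never taken), the pattern has no delimiters, and `{1-100}` is not a valid quantifier. Even once those are repaired the pattern is unanchored, so a value like `../../etc/passwd` would still pass because it contains at least one alphanumeric character, which defeats the purpose of the check. Suggested line: `if(isset($_REQUEST['page']) && is_string($_REQUEST['page']) && preg_match('/^[0-9a-zA-Z]{1,100}$/', $_REQUEST['page']) && file_exists("./pages/".$_REQUEST['page'].".php"))`, where the `is_string` check keeps `?page[]=x` from reaching preg_match as an array. With the value confined to alphanumerics the `urlencode()` applied to `%%PAGENAME%%` is harmless, but if that placeholder lands in HTML the matching escaper is `htmlspecialchars($_REQUEST['page'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')`, not `urlencode`. The enclosing function and whatever presumably includes `./pages/<page>.php` later are outside this hunk, so that include path should be checked against the same allow-list.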