xcache
/
xcache
1
0
Fork 0
Code Releases Activity

avoid possible file name injection 

git-svn-id: svn://svn.lighttpd.net/xcache/trunk@782 c26eb9a1-5813-0410-bd6c-c2e55f420ca7
This commit is contained in:
Xuefer 2011-04-22 14:45:00 +00:00
parent 90ccdadc54
commit 25cfffd7f7
1 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
admin/common.php
View File

@ -38,20 +38,20 @@ function get_language_file($name)
$l = strtolower($lang);
$file = get_language_file_ex($name, $l, $s);
if (!isset($file)) {
$l = strtok($l, '-');
$l = strtok($l, ':-');
$file = get_language_file_ex($name, $l, $s);
}
}
else if (!empty($_SERVER['HTTP_ACCEPT_LANGUAGE'])) {
foreach (explode(',', str_replace(' ', '', $_SERVER['HTTP_ACCEPT_LANGUAGE'])) as $l) {
$l = strtok($l, ';');
$l = strtok($l, ':;');
$file = get_language_file_ex($name, $l, $s);
if (isset($file)) {
$lang = $l;
break;
}
if (strpos($l, '-') !== false) {
$ll = strtok($l, '-');
$ll = strtok($l, ':-');
$file = get_language_file_ex($name, $ll, $s);
if (isset($file)) {
$lang = $l;