Permalink
Browse files

Make check for `..` more specific.

A `..` anywhere in the classname is invalid.
  • Loading branch information...
1 parent 7267383 commit 36d8473215007dce853a2c5b8ee1bbad03213844 @markstory markstory committed Jul 2, 2013
Showing with 1 addition and 1 deletion.
  1. +1 −1 lib/Cake/Core/App.php
View
2 lib/Cake/Core/App.php
@@ -535,7 +535,7 @@ public static function load($className) {
if (!isset(self::$_classMap[$className])) {
return false;
}
- if (strpos($className, '..')) {
+ if (strpos($className, '..') !== false) {
return false;
}

0 comments on commit 36d8473

Please sign in to comment.