changes in file/path cleaning SC#84, merged from MOODLE_14_STABLE

commit 14d6c233fba6adf4dd18b0ce297dbbc8dc7cd27b 1 parent db24312
skodak authored
Showing with 8 additions and 9 deletions.
  1. +8 −9 lib/moodlelib.php
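--- a/lib/moodlelib.php
+++ b/lib/moodlelib.php
@@ -104,6 +104,7 @@
 define('PARAM_HOST', 0x0040); // FQDN or IPv4 dotted quad
 define('PARAM_URL', 0x0080);
 define('PARAM_LOCALURL',0x0180); // NOT orthogonal to the others! Implies PARAM_URL!
+define('PARAM_CLEANFILE',0x0200);
 /// PARAMETER HANDLING ////////////////////////////////////////////////////
@@ -198,22 +199,20 @@ function clean_param($param, $options) {
 $param = strip_tags($param);
 }
+ if ($options & PARAM_CLEANFILE) { // allow only safe characters
+ $param = clean_filename($param);
+ }
+
 if ($options & PARAM_FILE) { // Strip all suspicious characters from filename
- $param = clean_param($param, PARAM_PATH);
- $pos = strrpos($param,'/');
- if ($pos !== FALSE) {
- $param = substr($param, $pos+1);
- }
- if ($param === '.' or $param === ' ') {
- $param = '';
- }
+ $param = ereg_replace('[[:cntrl:]]|[<>"`\|\':\\/]', '', $param);
+ $param = ereg_replace('\.\.+', '', $param);
 }
 if ($options & PARAM_PATH) { // Strip all suspicious characters from file path
 $param = str_replace('\\\'', '\'', $param);
 $param = str_replace('\\"', '"', $param);
 $param = str_replace('\\', '/', $param);
- $param = ereg_replace('[[:cntrl:]]|[<>"`\|\']', '', $param);
+ $param = ereg_replace('[[:cntrl:]]|[<>"`\|\':]', '', $param);
 $param = ereg_replace('\.\.+', '', $param);
 $param = ereg_replace('//+', '/', $param);
 }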
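Review bot: The rewritten PARAM_FILE branch no longer blanks a name that reduces to a bare `.` or a single space, which the deleted `if ($param === '.' or $param === ' ')` check used to do; the new `\.\.+` replacement only removes runs of two or more dots, so an input such as `./` becomes `.` once the slash is stripped and is returned as a cleaned filename. Whether a lone `.` is harmful depends on how callers join the result to a directory, which is outside this hunk, but the previous code treated it as unsafe and nothing in the commit message says that was intended. I would keep the old check after the two `ereg_replace` calls: `if ($param === '.' or $param === ' ') { $param = ''; }`. The same dot-run replacement is left unchanged in the PARAM_PATH branch, so behaviour there is as before. clean_param begins and ends outside the hunk.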