Permalink
Browse files

Better check for bad resource name - Found by skodak SC#32

  • Loading branch information...
1 parent 01988ca commit a97e45be565f6072e6b671c9b8d83e8b29513e73 moodler committed Dec 15, 2004
Showing with 4 additions and 0 deletions.
  1. +4 −0 mod/resource/type/directory/resource.class.php
@@ -24,7 +24,11 @@ function display() {
add_to_log($course->id, "resource", "view", "view.php?id={$cm->id}", $resource->id, $cm->id);
+
if ($resource->reference) {
+ if (detect_munged_arguments($resource->reference, 0)) {
+ error("The filename contains illegal characters!");
+ }
$relativepath = "{$course->id}/{$resource->reference}";
} else {
$relativepath = "{$course->id}";

0 comments on commit a97e45b

Please sign in to comment.