Skip to content

Commit cda89c0

Browse files
committed
security fix
1 parent 2d62e30 commit cda89c0

File tree

2 files changed

+6
-6
lines changed

2 files changed

+6
-6
lines changed

Diff for: src/controllers/LogViewerController.php

+3-3
Original file line numberDiff line numberDiff line change
@@ -20,13 +20,13 @@ public function index()
2020
{
2121

2222
if ($this->request->input('l')) {
23-
LaravelLogViewer::setFile(base64_decode($this->request->input('l')));
23+
LaravelLogViewer::setFile(\Crypt::decrypt($this->request->input('l')));
2424
}
2525

2626
if ($this->request->input('dl')) {
27-
return $this->download(LaravelLogViewer::pathToLogFile(base64_decode($this->request->input('dl'))));
27+
return $this->download(LaravelLogViewer::pathToLogFile(\Crypt::decrypt($this->request->input('dl'))));
2828
} elseif ($this->request->has('del')) {
29-
app('files')->delete(LaravelLogViewer::pathToLogFile(base64_decode($this->request->input('del'))));
29+
app('files')->delete(LaravelLogViewer::pathToLogFile(\Crypt::decrypt($this->request->input('del'))));
3030
return $this->redirect($this->request->url());
3131
} elseif ($this->request->has('delall')) {
3232
foreach(LaravelLogViewer::getFiles(true) as $file){

Diff for: src/views/log.blade.php

+3-3
Original file line numberDiff line numberDiff line change
@@ -71,7 +71,7 @@
7171
<p class="text-muted"><i>by Rap2h</i></p>
7272
<div class="list-group">
7373
@foreach($files as $file)
74-
<a href="?l={{ base64_encode($file) }}"
74+
<a href="?l={{ \Crypt::encrypt($file) }}"
7575
class="list-group-item @if ($current_file == $file) llv-active @endif">
7676
{{$file}}
7777
</a>
@@ -120,10 +120,10 @@ class="fa fa-search"></span></button>@endif
120120
@endif
121121
<div class="p-3">
122122
@if($current_file)
123-
<a href="?dl={{ base64_encode($current_file) }}"><span class="fa fa-download"></span>
123+
<a href="?dl={{ \Crypt::encrypt($current_file) }}"><span class="fa fa-download"></span>
124124
Download file</a>
125125
-
126-
<a id="delete-log" href="?del={{ base64_encode($current_file) }}"><span
126+
<a id="delete-log" href="?del={{ \Crypt::encrypt($current_file) }}"><span
127127
class="fa fa-trash"></span> Delete file</a>
128128
@if(count($files) > 1)
129129
-

0 commit comments

Comments
 (0)