Skip to content

Commit

Permalink
Multi-Domain & Underscore - Fix
Browse files Browse the repository at this point in the history
- Multi-Domain-Fix
- Area with underscore Fix
  • Loading branch information
screengarden committed Feb 11, 2015
1 parent da0ef05 commit 8b3e132
Show file tree
Hide file tree
Showing 2 changed files with 3 additions and 3 deletions.
4 changes: 2 additions & 2 deletions backend/external/phplib/local.php
Original file line number Diff line number Diff line change
Expand Up @@ -490,8 +490,8 @@ class cms_Backend_Session extends Session {
var $cookiename = 'sefrengo'; // Name des Cookies
var $name = 'cms';
var $magic = 'backend_Session'; // beliebiger Name zur Verschl?sselung
var $mode = 'cookie'; // default Modus der Session-ID
var $fallback_mode = 'get'; // falls default Modus abgelehnt wird
var $mode = 'get'; // default Modus der Session-ID
var $fallback_mode = 'cookie'; // falls default Modus abgelehnt wird
var $lifetime = '0'; // 0 = do session cookies, else minutes
var $refresh = '0'; // 0 = no refresh, else minutes
var $that_class = 'cms_CT_Sql'; // name of data storage container
Expand Down
2 changes: 1 addition & 1 deletion backend/main.php
Original file line number Diff line number Diff line change
Expand Up @@ -209,7 +209,7 @@
if ( $cfg_rep['repository_init_plugins'] ) $rep->init_plugins();

// Area wählen
if(@!include("inc/inc.".preg_replace('/[^a-zA-Z0-9 -]/','',$area).".php")){
if(@!include("inc/inc.".preg_replace('/[^a-zA-Z0-9_-]/','',$area).".php")){
die("Stop. Maybe XSS?");
};

Expand Down

0 comments on commit 8b3e132

Please sign in to comment.