Browse files

unset $_language in case of malicious entry via url w/ register_globals.

(cherry picked from commit b62ff9f)
  • Loading branch information...
1 parent bad5547 commit 03224bd4396e75547dc35ef26b37533dc1780952 @xzilla committed Dec 17, 2008
Showing with 2 additions and 0 deletions.
  1. +2 −0 libraries/lib.inc.php
View
2 libraries/lib.inc.php
@@ -95,6 +95,8 @@
}
// Determine language file to import:
+ unset($_language);
+
// 1. Check for the language from a request var
if (isset($_REQUEST['language']) && isset($appLangFiles[$_REQUEST['language']]))
$_language = $_REQUEST['language'];

0 comments on commit 03224bd

Please sign in to comment.