[Mapbender-commits] r7109 - trunk/mapbender/http/javascripts
svn_mapbender at osgeo.org
svn_mapbender at osgeo.org
Thu Nov 11 05:16:12 EST 2010
Author: apour
Date: 2010-11-11 02:16:12 -0800 (Thu, 11 Nov 2010)
New Revision: 7109
Modified:
trunk/mapbender/http/javascripts/map.php
Log:
Added the secure function before including files.
Modified: trunk/mapbender/http/javascripts/map.php
===================================================================
--- trunk/mapbender/http/javascripts/map.php 2010-11-11 10:00:26 UTC (rev 7108)
+++ trunk/mapbender/http/javascripts/map.php 2010-11-11 10:16:12 UTC (rev 7109)
@@ -70,9 +70,9 @@
$currentFile = $extPath . $extFileArray[$i];
if (file_exists($currentFile)) {
/*
- * @security_patch finc open
+ * @security_patch finc done
*/
- require_once($currentFile);
+ require_once(secure($currentFile,$extPath,".js"));
echo "\n\n\n\n";
}
else {
@@ -105,9 +105,10 @@
$currentFile = $libPath . $libFileArray[$i];
if (file_exists($currentFile)) {
/*
- * @security_patch finc open
+ * @security_patch finc done
+ *
*/
- require_once($currentFile);
+ require_once(secure($currentFile,$libPath,".js"));
echo "\n\n\n\n";
}
else {
@@ -140,9 +141,10 @@
if (file_exists($currentFile)) {
$e = new mb_notice("LOADING module : " . $currentFile);
/*
- * @security_patch finc open
+ * @security_patch finc done
+ * we dont check the file extension
*/
- require_once($currentFile);
+ require_once(secure($currentFile,$path));
echo "\n";
$fileFound = true;
break;
@@ -248,9 +250,10 @@
}
$e = new mb_notice("LOADING JS : " . $currentFile);
/*
- * @security_patch finc open
+ * @security_patch finc done
+ * folder?
*/
- require($currentFile);
+ require(secure($currentFile,"",".js"));
}
echo "\n\t});\n};\n\n";
@@ -273,9 +276,10 @@
}
$e = new mb_notice("LOADING JS : " . $currentFile);
/*
- * @security_patch finc open
+ * @security_patch finc done
+ * folder?
*/
- require($currentFile);
+ require(secure($currentFile,"",".js"));
}
}
}
More information about the Mapbender_commits
mailing list