Nemcio/simple-file-manager
1
0
Fork 0
mirror of https://github.com/jcampbell1/simple-file-manager.git synced 2025-02-20 22:00:04 +01:00
Code Issues Packages Projects Releases Activity

Security fix for #81 (insecure php setups)

Browse Source
This commit is contained in:
John Campbell
2019-10-24 11:02:19 -06:00
parent 40755d01c4
commit ae87964f8c
1 changed files with 3 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
index.php
View File

@@ -59,6 +59,9 @@ if($_POST) {
} }
$file = $_REQUEST['file'] ?: '.'; $file = $_REQUEST['file'] ?: '.';
// strip url syntax, like file://....
$file = preg_replace('@^.+://@','',$file);
if($_GET['do'] == 'list') { if($_GET['do'] == 'list') {
if (is_dir($file)) { if (is_dir($file)) {
$directory = $file; $directory = $file;