diff options
| author | Filip Komar <filip@mageia.org> | 2014-01-10 20:16:39 +0000 |
|---|---|---|
| committer | Filip Komar <filip@mageia.org> | 2014-01-10 20:16:39 +0000 |
| commit | 4226ef6f206ce7a5d81b3f04b85d4b47937a0f0f (patch) | |
| tree | 4a57df1895b89fe6ac4dcc2c534c7f4e28d691a0 /en/downloads | |
| parent | e861636e2f1c43ba899c265bcae30bbaefa2fe60 (diff) | |
| download | www-4226ef6f206ce7a5d81b3f04b85d4b47937a0f0f.tar www-4226ef6f206ce7a5d81b3f04b85d4b47937a0f0f.tar.gz www-4226ef6f206ce7a5d81b3f04b85d4b47937a0f0f.tar.bz2 www-4226ef6f206ce7a5d81b3f04b85d4b47937a0f0f.tar.xz www-4226ef6f206ce7a5d81b3f04b85d4b47937a0f0f.zip | |
security improved for some pages with strip_tags of
Diffstat (limited to 'en/downloads')
| -rw-r--r-- | en/downloads/get/index.php | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/en/downloads/get/index.php b/en/downloads/get/index.php index ca1325af3..39d7a7f56 100644 --- a/en/downloads/get/index.php +++ b/en/downloads/get/index.php @@ -38,7 +38,10 @@ require 'lib.php'; // request $product = get('q'); $debug = get('d'); -$torrent = isset($_GET['torrent']) ? true : false; +if (isset($_GET['torrent'])) { + $torrent = strip_tags(trim($_GET['torrent'])); +} +$torrent = isset($torrent) ? true : false; if (is_null($product)) { header('Location: /downloads/'); |