diff options
| author | Marc Alexander <admin@m-a-styles.de> | 2013-05-12 22:41:00 +0200 |
|---|---|---|
| committer | Marc Alexander <admin@m-a-styles.de> | 2013-05-12 22:41:00 +0200 |
| commit | 7e70eec5a37ddfe112e12b976821c5b944128d32 (patch) | |
| tree | bc5c4b8d279474dc78207f72d65915d2b4ff1064 /phpBB/common.php | |
| parent | f90ed6c3cb9e1b8baeb352a07b81608fa7c067b5 (diff) | |
| parent | fe13b89dd4bd6d808d81c903e66fe869ccd43050 (diff) | |
| download | forums-7e70eec5a37ddfe112e12b976821c5b944128d32.tar forums-7e70eec5a37ddfe112e12b976821c5b944128d32.tar.gz forums-7e70eec5a37ddfe112e12b976821c5b944128d32.tar.bz2 forums-7e70eec5a37ddfe112e12b976821c5b944128d32.tar.xz forums-7e70eec5a37ddfe112e12b976821c5b944128d32.zip | |
Merge branch 'develop' of https://github.com/phpbb/phpbb3 into ticket/11465
Diffstat (limited to 'phpBB/common.php')
| -rw-r--r-- | phpBB/common.php | 9 |
1 files changed, 6 insertions, 3 deletions
diff --git a/phpBB/common.php b/phpBB/common.php index c33e2cbb1f..f6f109c3de 100644 --- a/phpBB/common.php +++ b/phpBB/common.php @@ -44,8 +44,11 @@ if (!defined('PHPBB_INSTALLED')) // Replace any number of consecutive backslashes and/or slashes with a single slash // (could happen on some proxy setups and/or Windows servers) $script_path = preg_replace('#[\\\\/]{2,}#', '/', $script_path); + // Eliminate . and .. from the path - $script_path = phpbb_clean_path($script_path); + require($phpbb_root_path . 'includes/filesystem.' . $phpEx); + $phpbb_filesystem = new phpbb_filesystem(); + $script_path = $phpbb_filesystem->clean_path($script_path); $url = (($secure) ? 'https://' : 'http://') . $server_name; @@ -82,9 +85,9 @@ require($phpbb_root_path . 'includes/utf/utf_tools.' . $phpEx); set_error_handler(defined('PHPBB_MSG_HANDLER') ? PHPBB_MSG_HANDLER : 'msg_handler'); // Setup class loader first -$phpbb_class_loader = new phpbb_class_loader('phpbb_', "{$phpbb_root_path}includes/", ".$phpEx"); +$phpbb_class_loader = new phpbb_class_loader('phpbb_', "{$phpbb_root_path}includes/", $phpEx); $phpbb_class_loader->register(); -$phpbb_class_loader_ext = new phpbb_class_loader('phpbb_ext_', "{$phpbb_root_path}ext/", ".$phpEx"); +$phpbb_class_loader_ext = new phpbb_class_loader('phpbb_ext_', "{$phpbb_root_path}ext/", $phpEx); $phpbb_class_loader_ext->register(); // Set up container |