Comunic/ComunicAPI
1
0
Fork 0
mirror of https://github.com/pierre42100/ComunicAPI synced 2025-06-18 16:18:04 +00:00
Code Issues Projects Releases Wiki Activity

Fixed security breach issue

Browse Source
This commit is contained in:
Pierre
2018-04-20 14:11:14 +02:00
parent 19292b70b0
commit 7a0cbc3214
3 changed files with 11 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
functions/requests.php
View File

@ -500,7 +500,7 @@ function checkUserDirectoryValidity(string $directory) : bool {
return FALSE;
//Check if the domain contains forbidden characters
if(str_replace(array(".html", ".txt", ".php", "à", "â", "é", "ê", "@", "/", "\"", "'", '"'), "", $directory) != $directory)
if(str_replace(array(".html", ".txt", ".php", "à", "â", "é", "ê", "@", "/", "\"", "'", '"', "<", ">", "?", "&", "#"), "", $directory) != $directory)
return FALSE;
//If we get there, the domain is valid