diff options
| author | David Aspinall | 2001-09-13 15:04:22 +0000 |
|---|---|---|
| committer | David Aspinall | 2001-09-13 15:04:22 +0000 |
| commit | 0a1c551567e320bf214e3aaa581dee39b9cd48a5 (patch) | |
| tree | b98f8468753ab0014ec7f3895009f544b175caa3 /html | |
| parent | d4cf55eb5aad84996ecd80c68c196baee4cfe035 (diff) | |
Fix two more gaping holes letting people examine whole filesystem
Diffstat (limited to 'html')
| -rw-r--r-- | html/htmlshow.php | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/html/htmlshow.php b/html/htmlshow.php index d9cb8b46..915aac6f 100644 --- a/html/htmlshow.php +++ b/html/htmlshow.php @@ -1,5 +1,11 @@ <?php require('functions.php3'); - hack_html($file,$title); + if (substr($file,0,1)=="." or + substr($file,0,1)=="/" or + substr($file,0,1)=="~") { + print "Sorry, can't show you that file!\n"; + } else { + hack_html($file,$title); + } footer(); ?> |