From: moodler
Date: Wed, 18 Aug 2004 05:52:01 +0000 (+0000)
Subject: Disallow dots being passed to lang (path disclosure)
X-Git-Url: http://git.mjollnir.org/gw?a=commitdiff_plain;h=80035a89e1b3d7ca5ca4d78412ac63f3c2599609;p=moodle.git
Disallow dots being passed to lang (path disclosure)
---
diff --git a/lib/setup.php b/lib/setup.php
index 82866b5603..86678ddc86 100644
--- a/lib/setup.php
+++ b/lib/setup.php
@@ -235,7 +235,7 @@
 /// majority of cases), use the stored locale specified by admin.
 if (isset($_GET['lang'])) {
- if (!detect_munged_arguments($lang) and file_exists("$CFG->dirroot/lang/$lang")) {
+ if (!detect_munged_arguments($lang, 0) and file_exists("$CFG->dirroot/lang/$lang")) {
 $SESSION->lang = $lang;
 $SESSION->encoding = get_string('thischarset');
 }
diff --git a/lib/weblib.php b/lib/weblib.php
index ba9a31bfa9..cb848263a3 100644
--- a/lib/weblib.php
+++ b/lib/weblib.php
@@ -524,8 +524,8 @@ function validate_email ($address) {
 $address));
 }
-function detect_munged_arguments($string) {
- if (substr_count($string, '..') > 1) { // We allow one '..' in a URL
+function detect_munged_arguments($string, $allowdots=1) {
+ if (substr_count($string, '..') > $allowdots) { // Sometimes we allow dots in references
 return true;
 }
 if (ereg('[\|\`]', $string)) { // check for other bad characters
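Review bot: The new call `detect_munged_arguments($lang, 0)` in lib/setup.php still validates `lang` with a deny-list, while a value that is interpolated into a filesystem path is better checked against what a language directory name can actually be. With the threshold at 0 any `..` is rejected, but as far as the hunk shows an empty value or a single `.` would still satisfy `file_exists("$CFG->dirroot/lang/$lang")`, since that resolves to the `lang` directory itself, and would then be stored in `$SESSION->lang`. Assuming language directories are named with letters, digits and underscores only, an allow-list covers this whole class of input: `if (preg_match('/^[a-z0-9_]+$/i', $lang) and is_dir("$CFG->dirroot/lang/$lang")) {`. The guard also tests `$_GET['lang']` while the value checked and stored is `$lang`; where `$lang` is assigned is outside the hunk, so a short comment naming its source would help the next reader.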
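Review bot: In lib/weblib.php `$allowdots` is a threshold on the number of `..` sequences, not a switch for dots, and neither the parameter name nor the new comment `// Sometimes we allow dots in references` says so. Because the default stays at 1, every caller not touched by this commit keeps accepting one `..`, so the stricter check is opt-in; any other caller that builds a filesystem path from its argument would need the same `, 0`, and a default of 0 with explicit opt-in for URL callers would be the safer direction (the other call sites are not visible here). I would add a header comment above the function along the lines of `/// Returns true if $string holds more than $allowdots occurrences of '..' or any other rejected character` and rename the parameter to something like `$maxdotdots`. The function body continues past the end of the hunk.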