From e2d89725535a3795543e08a8e6205128ab51a7ae Mon Sep 17 00:00:00 2001
From: martin <martin>
Date: Thu, 5 Sep 2002 11:53:17 +0000
Subject: [PATCH] BUG FIX! - fixes error that could allow ANY file on the
 system to be read!

---
 lib/weblib.php | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/lib/weblib.php b/lib/weblib.php
index 1f259db321..a77e40f0ff 100644
--- a/lib/weblib.php
+++ b/lib/weblib.php
@@ -240,6 +240,10 @@ function get_slash_arguments($i=0) {
         return false;
     }
 
+    if (strpos($PATH_INFO, "..")) {  // check for funny business
+        return false;
+    }
+
     $args = explode("/", $PATH_INFO);
 
     if ($i) {     // return just the required argument
-- 
2.39.5