mirror of
https://git.code.sf.net/p/seeddms/code
synced 2024-11-26 15:32:13 +00:00
fix potential xss attack when showing log file
This commit is contained in:
parent
aae0d004c3
commit
0ceb6d602c
|
@ -4,6 +4,7 @@
|
|||
- add new page for send test notification
|
||||
- remove deprecated function formatted_size()
|
||||
- fix bugs when importing files from filesystem with metadata, better logging
|
||||
- fix potential xss attack when showing log file
|
||||
|
||||
--------------------------------------------------------------------------------
|
||||
Changes in version 5.1.35
|
||||
|
|
|
@ -151,7 +151,7 @@ $("input[type=checkbox]").each(function () { this.checked = !this.checked; });
|
|||
$this->htmlEndPage();
|
||||
} elseif(file_exists($this->logdir.$logname)){
|
||||
echo $logname."<pre>\n";
|
||||
readfile($this->logdir.$logname);
|
||||
echo htmlspecialchars(file_get_contents($this->logdir.$logname));
|
||||
echo "</pre>\n";
|
||||
} else {
|
||||
UI::exitError(getMLText("admin_tools"),getMLText("access_denied"));
|
||||
|
|
Loading…
Reference in New Issue
Block a user