1
0
Fork 0

frio: sanitise $schema

This commit is contained in:
rabuzarus 2017-10-23 22:14:35 +02:00
parent 7e273ba51b
commit 2687a42e3c

View file

@ -60,6 +60,9 @@ if (! $a->install) {
if ($_REQUEST['schema']) { if ($_REQUEST['schema']) {
$schema = $_REQUEST['schema']; $schema = $_REQUEST['schema'];
} }
$schema = basename($schema);
if (($schema) && ($schema != '---')) { if (($schema) && ($schema != '---')) {
if (file_exists('view/theme/frio/schema/' . $schema . '.php')) { if (file_exists('view/theme/frio/schema/' . $schema . '.php')) {
$schemefile = 'view/theme/frio/schema/' . $schema . '.php'; $schemefile = 'view/theme/frio/schema/' . $schema . '.php';