Revision 1353
Added by FrankH almost 14 years ago
| details.php | ||
|---|---|---|
| 28 | 28 |
|
| 29 | 29 |
// Get language name |
| 30 | 30 |
if(!isset($_POST['code']) OR $_POST['code'] == "") {
|
| 31 |
header("Location: index.php");
|
|
| 32 |
exit(0); |
|
| 31 |
$code = ''; |
|
| 33 | 32 |
} else {
|
| 34 | 33 |
$code = $_POST['code']; |
| 35 | 34 |
} |
| 36 | 35 |
|
| 36 |
// fix secunia 2010-93-2 |
|
| 37 |
if (!preg_match('/^[A-Z]{2}$/', $code)) {
|
|
| 38 |
header("Location: index.php");
|
|
| 39 |
exit(0); |
|
| 40 |
} |
|
| 41 |
|
|
| 37 | 42 |
// Check if the language exists |
| 38 | 43 |
if(!file_exists(WB_PATH.'/languages/'.$code.'.php')) {
|
| 39 | 44 |
header("Location: index.php");
|
Also available in: Unified diff
Security fixes