Revision 15
Added by stefan about 20 years ago
| browse.php | ||
|---|---|---|
| 1 | 1 |
<?php |
| 2 | 2 |
|
| 3 |
// $Id: browse.php,v 1.4 2005/04/02 06:25:37 rdjurovich Exp $
|
|
| 3 |
// $Id$ |
|
| 4 | 4 |
|
| 5 | 5 |
/* |
| 6 | 6 |
|
| ... | ... | |
| 48 | 48 |
$admin->print_error($MESSAGE['MEDIA']['DIR_DOT_DOT_SLASH']); |
| 49 | 49 |
} |
| 50 | 50 |
|
| 51 |
if(!file_exists(WB_PATH.'/media'.$directory)) {
|
|
| 52 |
$admin->print_header(); |
|
| 53 |
$admin->print_error($MESSAGE['MEDIA']['DIR_DOES_NOT_EXIST']); |
|
| 54 |
} |
|
| 55 |
|
|
| 51 | 56 |
// Check to see if the user wanted to go up a directory into the parent folder |
| 52 | 57 |
if($admin->get_get('up') == 1) {
|
| 53 | 58 |
$parent_directory = dirname($directory); |
Also available in: Unified diff
Added directory check to browse.php to prevent xss exploit by trusted users.