Project

General

Profile

« Previous | Next » 

Revision 1882

Added by darkviper over 11 years ago

protect magic setter to fix security issue in Translate

View differences:

Translate.php
136 136
 */	
137 137
	public function addAddon($sAddon)
138 138
	{
139
		$sAddon = str_replace('/', '\\', $sAddon);
139 140
		if(!(strtolower($sAddon) == 'core' || $sAddon == '' || isset($this->aLoadedAddons[$sAddon]))) {
140 141
		// load requested addon translations if needed and possible
141 142
			$oTmp = new TranslationTable($sAddon, 
......
152 153
 */	
153 154
	public function enableAddon($sAddon)
154 155
	{
156
		$sAddon = str_replace('/', '\\', $sAddon);
155 157
		if(!(strtolower($sAddon) == 'core' || $sAddon == '')) {
156 158
			if(!isset($this->aLoadedAddons[$sAddon])) {
157 159
				$this->addAddon($sAddon);
......
202 204
		return $sRetval;
203 205
	}
204 206
/**
207
 * Protect class from property injections
208
 * @param string name of property
209
 * @param mixed value
210
 * @throws TranslationException
211
 */	
212
	public function __set($name, $value) {
213
		throw new TranslationException('tried to set a readonly or nonexisting property ['.$name.']!! ');
214
	}
215
/**
205 216
 * Return complete table of translations
206 217
 * @return array
207 218
 * @deprecated for backward compatibility only. Will be removed shortly

Also available in: Unified diff