mirror/php-phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-02-24 12:03:21 +01:00
Code Issues Releases Wiki Activity

[ticket/10370] Ease up code checking for arguments of include etc.

Browse Source 
PHPBB3-10370
This commit is contained in:
Andreas Fischer 2011-09-19 17:07:06 +02:00
parent 12530a763b
commit 0df7e5eefa
1 changed files with 7 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
phpBB/includes/functions.php
View File

@ -3401,22 +3401,15 @@ function get_backtrace()
{
// Strip the current directory from path
$trace['file'] = (empty($trace['file'])) ? '' : phpbb_filter_root_path($trace['file']);
$args = array();
// If include/require/include_once is not called, do not show arguments - they may contain sensible information
if (!in_array($trace['function'], array('include', 'require', 'include_once')))
// Only show function arguments for include etc.
// Other parameters may contain sensible information
$args = array();
if (!empty($trace['args'][0]) && in_array($trace['function'], array('include', 'require', 'include_once')))
{
unset($trace['args']);
}
else
{
// Path...
if (!empty($trace['args'][0]))
{
$argument = htmlspecialchars($trace['args'][0]);
$argument = phpbb_filter_root_path($argument);
$args[] = "'{$argument}'";
}
$argument = htmlspecialchars($trace['args'][0]);
$argument = phpbb_filter_root_path($argument);
$args[] = "'{$argument}'";
}
$trace['class'] = (!isset($trace['class'])) ? '' : $trace['class'];