mirror/php-phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-08-03 15:27:42 +02:00
Code Issues Releases Wiki Activity

some changes for the new version

Browse Source 
- it would be nice if anyone able would be testing these changes on their installations and report bugs as soon as possible (also do not hestitate to PM the developers. ;)).
- the changelog is ommitted for now - it will get checked in later.


git-svn-id: file:///svn/phpbb/branches/phpBB-2_0_0@6772 89ea8834-ac86-4346-8a33-228a782c2dd0
This commit is contained in:
Meik Sievertsen
2006-12-16 13:11:28 +00:00
parent e105aa68bb
commit 688d57f99c
20 changed files with 190 additions and 132 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
phpBB/includes/functions.php
View File

@@ -917,7 +917,7 @@ function redirect($url)
$db->sql_close();
}
if (strstr(urldecode($url), "\n") || strstr(urldecode($url), "\r"))
if (strstr(urldecode($url), "\n") || strstr(urldecode($url), "\r") || strstr(urldecode($url), ';url'))
{
message_die(GENERAL_ERROR, 'Tried to redirect to potentially insecure url.');
}