summaryrefslogtreecommitdiffstats
path: root/lib/base.php
diff options
context:
space:
mode:
authorGeorg Ehrke <dev@georgswebsite.de>2012-04-19 22:25:21 +0200
committerGeorg Ehrke <dev@georgswebsite.de>2012-04-19 22:25:21 +0200
commit909282c81edb98db304e1be09c8fd69a350a1cce (patch)
treeed94df14b0fe292c0c9d8b1fb4de74ec3f3e92ae /lib/base.php
parent85019887dfed3762025d3fc936a61f085ab4e440 (diff)
downloadnextcloud-server-909282c81edb98db304e1be09c8fd69a350a1cce.tar.gz
nextcloud-server-909282c81edb98db304e1be09c8fd69a350a1cce.zip
remove parameters in file var before call require once
Diffstat (limited to 'lib/base.php')
-rw-r--r--lib/base.php10
1 files changed, 7 insertions, 3 deletions
diff --git a/lib/base.php b/lib/base.php
index 2924a1da182..5478f084392 100644
--- a/lib/base.php
+++ b/lib/base.php
@@ -283,10 +283,9 @@ class OC{
public static function loadfile(){
if(file_exists(OC::$APPSROOT . '/apps/' . OC::$REQUESTEDAPP . '/' . OC::$REQUESTEDFILE)){
- OC_App::loadApps();
require_once(OC::$APPSROOT . '/apps/' . OC::$REQUESTEDAPP . '/' . OC::$REQUESTEDFILE);
}else{
- header('404 Not Found');
+ header('404 Not found');
}
}
@@ -401,7 +400,12 @@ class OC{
register_shutdown_function(array('OC_Helper','cleanTmp'));
self::$REQUESTEDAPP = (isset($_GET['app'])?strip_tags($_GET['app']):'files');
- self::$REQUESTEDFILE = (isset($_GET['file'])?(OC_Helper::issubdirectory(OC::$APPSROOT . '/' . self::$REQUESTEDAPP . '/' . $_GET['file'], OC::$APPSROOT . '/' . self::$REQUESTEDAPP)?$_GET['file']:null):null);
+ self::$REQUESTEDFILE = $_GET['file'];
+ if(substr_count(self::$REQUESTEDFILE, '?') != 0){
+ $pos = strpos(self::$REQUESTEDFILE, '?');
+ self::$REQUESTEDFILE = substr(self::$REQUESTEDFILE, 0, $pos);
+ }
+ self::$REQUESTEDFILE = (isset($_GET['file'])?(OC_Helper::issubdirectory(OC::$APPSROOT . '/' . self::$REQUESTEDAPP . '/' . self::$REQUESTEDFILE, OC::$APPSROOT . '/' . self::$REQUESTEDAPP)?self::$REQUESTEDFILE:null):null);
}
}
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-15 14:14:38 +0000