summaryrefslogtreecommitdiff
path: root/actions/getfile.php
diff options
context:
space:
mode:
authorBrion Vibber <brion@pobox.com>2010-02-01 08:48:31 -0800
committerBrion Vibber <brion@pobox.com>2010-02-01 08:48:31 -0800
commit84ab0156b415a405704784dfc19b59ebd3a1d1ee (patch)
tree748c6dbd38073e7aaf31fae5b860285512cb1534 /actions/getfile.php
parent779204b194447397d0770d96e291d9491fd731b9 (diff)
Improve name validation checks on local File references
Diffstat (limited to 'actions/getfile.php')
-rw-r--r--actions/getfile.php2
1 files changed, 1 insertions, 1 deletions
diff --git a/actions/getfile.php b/actions/getfile.php
index cd327e410..9cbe8e1d9 100644
--- a/actions/getfile.php
+++ b/actions/getfile.php
@@ -71,7 +71,7 @@ class GetfileAction extends Action
$filename = $this->trimmed('filename');
$path = null;
- if ($filename) {
+ if ($filename && File::validFilename($filename)) {
$path = File::path($filename);
}