diff options
author | Brion Vibber <brion@pobox.com> | 2010-02-01 08:48:31 -0800 |
---|---|---|
committer | Brion Vibber <brion@pobox.com> | 2010-02-01 08:49:59 -0800 |
commit | 6159edcebbcb1c230113e18788a676035979a4c8 (patch) | |
tree | 83c5f5b9ad3fb1618756398db42780b8cc7b22ce /actions/getfile.php | |
parent | 57d8f22a3ae8aba882b7782cbc426e65cdb355f6 (diff) |
Improve name validation checks on local File references
Diffstat (limited to 'actions/getfile.php')
-rw-r--r-- | actions/getfile.php | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/actions/getfile.php b/actions/getfile.php index cd327e410..9cbe8e1d9 100644 --- a/actions/getfile.php +++ b/actions/getfile.php @@ -71,7 +71,7 @@ class GetfileAction extends Action $filename = $this->trimmed('filename'); $path = null; - if ($filename) { + if ($filename && File::validFilename($filename)) { $path = File::path($filename); } |