git.shiar.nl
/
minimedit.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
| inline |
side by side
(parent:
dedc9de
)
edit: allow any non-hidden filename
v2.1
author
Mischa POSLAWSKY
<perl@shiar.org>
Thu, 14 Sep 2017 15:45:48 +0000
(17:45 +0200)
committer
Mischa POSLAWSKY
<perl@shiar.org>
Mon, 18 Sep 2017 18:21:28 +0000
(20:21 +0200)
edit.php
patch
|
blob
|
history
diff --git
a/edit.php
b/edit.php
index f0d001e9fc6d029d06b24ea49acd147049600f0a..3b280ee4e3a961d827adda8c7f0e9fbd7966d930 100644
(file)
--- a/
edit.php
+++ b/
edit.php
@@
-16,7
+16,7
@@
if (!isset($_SERVER['PATH_INFO']) or strlen($_SERVER['PATH_INFO']) <= 1)
abort('409 input error', "geen bestand aangeleverd");
$filename = ltrim($Args, '/').'.html';
-if (
!preg_match('{^(?:[/a-z0-9-])+\.html$
}', $filename))
+if (
preg_match('{^\.
}', $filename))
abort('403 input error', "ongeldige bestandsnaam: $filename");
if (file_exists($filename) and !is_writable($filename))
abort('403 input error', "onwijzigbaar bestand: $filename");