From 3ec58d6bc3db78fe055168b030cd9cb7a1c041c9 Mon Sep 17 00:00:00 2001 From: JanRei Date: Sun, 3 Jul 2011 16:27:27 +0000 Subject: [PATCH] MSD-4 Implement whitelist check for langId parameter passed to flag.php --- public/flag.php | 23 ++++++++++------------- 1 file changed, 10 insertions(+), 13 deletions(-) diff --git a/public/flag.php b/public/flag.php index 281baa9..8ebfc60 100644 --- a/public/flag.php +++ b/public/flag.php @@ -1,16 +1,13 @@ implement whitelist of characters for langId -$country = str_replace( - array('..', "\x00"), - '', - $_GET['langId'] -); +$country = $_GET['langId']; -$languageDir = realpath(dirname(__FILE__) . '/../application/language'); +if (preg_match('/^[A-Z0-9_]+\z/i', $country)) { + define('DS', DIRECTORY_SEPARATOR); + $languageDir = realpath(dirname(__FILE__) . '/../application/language'); + $image = $languageDir . DS . $country . DS . 'flag.gif'; -header('Content-Type: image/gif'); - -define('DS', DIRECTORY_SEPARATOR); -$image = $languageDir . DS . $country . DS . 'flag.gif'; - -readfile(realpath($image)); \ No newline at end of file + if (file_exists($image)) { + header('Content-Type: image/gif'); + readfile(realpath($image)); + } +} \ No newline at end of file