Rev 1266 | Go to most recent revision | Show entire file | Regard whitespace | Details | Blame | Last modification | View Log | RSS feed
Rev 1266 | Rev 1267 | ||
---|---|---|---|
Line 228... | Line 228... | ||
228 | )) { |
228 | )) { |
229 | if (strpos($file, chr(0)) !== false) { |
229 | if (strpos($file, chr(0)) !== false) { |
230 | $file = str_replace(chr(0), '[NUL]', $file); |
230 | $file = str_replace(chr(0), '[NUL]', $file); |
231 | } |
231 | } |
232 | // This will not be logged anymore, because people could spam the log files otherwise |
232 | // This will not be logged anymore, because people could spam the log files otherwise |
233 | //OIDplus::logger()->log("[WARN]A!", "LFI/RFI attack blocked (requested file '%1')", $file); |
233 | //OIDplus::logger()->log("V2:[WARN]A", "LFI/RFI attack blocked (requested file '%1')", $file); |
234 | throw new OIDplusException(_L('This request is invalid'), _L('Access denied')); |
234 | throw new OIDplusException(_L('This request is invalid'), _L('Access denied')); |
235 | } |
235 | } |
236 | 236 | ||
237 | $out['text'] = ''; |
237 | $out['text'] = ''; |
238 | 238 |