Rev 1266 | Go to most recent revision | Show entire file | Regard whitespace | Details | Blame | Last modification | View Log | RSS feed
| Rev 1266 | Rev 1267 | ||
|---|---|---|---|
| Line 228... | Line 228... | ||
| 228 | )) { |
228 | )) { |
| 229 | if (strpos($file, chr(0)) !== false) { |
229 | if (strpos($file, chr(0)) !== false) { |
| 230 | $file = str_replace(chr(0), '[NUL]', $file); |
230 | $file = str_replace(chr(0), '[NUL]', $file); |
| 231 | } |
231 | } |
| 232 | // This will not be logged anymore, because people could spam the log files otherwise |
232 | // This will not be logged anymore, because people could spam the log files otherwise |
| 233 | //OIDplus::logger()->log("[WARN]A!", "LFI/RFI attack blocked (requested file '%1')", $file); |
233 | //OIDplus::logger()->log("V2:[WARN]A", "LFI/RFI attack blocked (requested file '%1')", $file); |
| 234 | throw new OIDplusException(_L('This request is invalid'), _L('Access denied')); |
234 | throw new OIDplusException(_L('This request is invalid'), _L('Access denied')); |
| 235 | } |
235 | } |
| 236 | 236 | ||
| 237 | $out['text'] = ''; |
237 | $out['text'] = ''; |
| 238 | 238 | ||