Rev 4 | Show entire file | Regard whitespace | Details | Blame | Last modification | View Log | RSS feed
Rev 4 | Rev 8 | ||
---|---|---|---|
Line 2... | Line 2... | ||
2 | 2 | ||
3 | require 'includes/main.inc.php'; |
3 | require 'includes/main.inc.php'; |
4 | 4 | ||
5 | $content = ''; |
5 | $content = ''; |
6 | 6 | ||
7 | if (!file_exists('design/'.$konfiguration['admin_design']['design'].'/style.css')) |
7 | if (!file_exists('design/'.wb_dir_escape($konfiguration['admin_design']['design']).'/style.css')) |
8 | die(''); |
8 | die(''); |
9 | 9 | ||
10 | $handle = @fopen('design/'.$konfiguration['admin_design']['design'].'/style.css', 'r'); |
10 | $handle = @fopen('design/'.wb_dir_escape($konfiguration['admin_design']['design']).'/style.css', 'r'); |
11 | while (!@feof($handle)) |
11 | while (!@feof($handle)) |
12 | { |
12 | { |
13 | $buffer = @fgets($handle, 4096); |
13 | $buffer = @fgets($handle, 4096); |
14 | $content .= $buffer; |
14 | $content .= $buffer; |
15 | } |
15 | } |
16 | @fclose ($handle); |
16 | @fclose ($handle); |
17 | 17 | ||
18 | $content = str_replace('###', 'design/'.$konfiguration['admin_design']['design'].'/', $content); |
18 | $content = str_replace('###', 'design/'.wb_dir_escape($konfiguration['admin_design']['design']).'/', $content); |
19 | 19 | ||
20 | echo $content; |
20 | echo $content; |
21 | 21 | ||
22 | ?> |
22 | ?> |
23 | 23 |