[website] 02/04: Only allow digits in rev parameter.
Bas Couwenberg
sebastic at xs4all.nl
Mon Oct 27 22:36:21 UTC 2014
This is an automated email from the git hooks/post-receive script.
sebastic-guest pushed a commit to branch master
in repository website.
commit f02ea5685f12f8478e2271263ce2a44484e13d7b
Author: Bas Couwenberg <sebastic at xs4all.nl>
Date: Mon Oct 27 22:35:01 2014 +0100
Only allow digits in rev parameter.
---
josmredir.php | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/josmredir.php b/josmredir.php
index 144ef5e..05332a0 100755
--- a/josmredir.php
+++ b/josmredir.php
@@ -11,7 +11,7 @@ $i18nrepo = "http://svn.openstreetmap.org/applications/editors/josm/i18n/";
#print_r($_GET);
#echo "</pre>";
-if (isset($_GET["rev"])) {
+if (isset($_GET["rev"]) && preg_match("/^\d+$/", $_GET["rev"])) {
$destdir = "josm/".uniqid("josm-");
$dfsg = (isset($_GET["debian"]) and $_GET["debian"] == "yes") ? true : false;
$svnrev = intval($_GET["rev"]);
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-grass/website.git
More information about the Pkg-grass-devel
mailing list