diff options
| author | Michal Čihař <michal@cihar.com> | 2011-08-04 21:44:22 +0400 |
|---|---|---|
| committer | Michal Čihař <michal@cihar.com> | 2011-08-04 21:44:22 +0400 |
| commit | 9a938ed9867317474ae4bb63a17270c34040d2b5 (patch) | |
| tree | 3996857fff6ab4c3fcc6b06ae76ed08d52836f16 /file_echo.php | |
| parent | 872ddd034ff325e88caef9b8863bc5fa49734456 (diff) | |
Fix comments
Diffstat (limited to 'file_echo.php')
| -rw-r--r-- | file_echo.php | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/file_echo.php b/file_echo.php index 58ff86bdb5..37d9a02c67 100644 --- a/file_echo.php +++ b/file_echo.php @@ -28,10 +28,10 @@ if (isset($_REQUEST['filename']) && isset($_REQUEST['image'])) { $valid_match = '/^[^\n\r]*\.' . $extension . '$/'; if (! preg_match($valid_match, $_REQUEST['filename'])) { if (! preg_match('/^[^\n\r]*$/', $_REQUEST['filename'])) { - /* Add extension */ + /* Filename is unsafe, discard it */ $filename = 'dowload.' . $extension; } else { - /* Filename is unsafe, discard it */ + /* Add extension */ $filename = $_REQUEST['filename'] . '.' . $extension; } } else { |