diff options
author | Dieter Adriaenssens <ruleant@users.sourceforge.net> | 2011-10-03 22:38:36 +0400 |
---|---|---|
committer | Dieter Adriaenssens <ruleant@users.sourceforge.net> | 2011-10-03 22:44:43 +0400 |
commit | d35cba980893aa6e6455fd6e6f14f3e3f1204c52 (patch) | |
tree | aceb7238804abc9d046634bfdb12fee27d817039 /phpmyadmin.css.php | |
parent | 2ff7b4cc93eb88325b2ac2930b966208642c1111 (diff) |
Fixed local path disclosure vulnerability, see PMASA-2011-15
Diffstat (limited to 'phpmyadmin.css.php')
-rw-r--r-- | phpmyadmin.css.php | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/phpmyadmin.css.php b/phpmyadmin.css.php index 2275c97ffd..b3cfecc2b8 100644 --- a/phpmyadmin.css.php +++ b/phpmyadmin.css.php @@ -9,7 +9,7 @@ * */ // sometimes, we lose $_REQUEST['js_frame'] -define('PMA_FRAME', empty($_REQUEST['js_frame']) ? 'right' : $_REQUEST['js_frame']); +define('PMA_FRAME', (! empty($_REQUEST['js_frame']) && is_string($_REQUEST['js_frame'])) ? $_REQUEST['js_frame'] : 'right'); define('PMA_MINIMUM_COMMON', true); require_once './libraries/common.inc.php'; |