Welcome to mirror list, hosted at ThFree Co, Russian Federation.

github.com/phpmyadmin/phpmyadmin.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/phpmyadmin.css.php
diff options
context:
space:
mode:
authorDieter Adriaenssens <ruleant@users.sourceforge.net>2011-10-03 22:38:36 +0400
committerDieter Adriaenssens <ruleant@users.sourceforge.net>2011-10-03 22:44:43 +0400
commitd35cba980893aa6e6455fd6e6f14f3e3f1204c52 (patch)
treeaceb7238804abc9d046634bfdb12fee27d817039 /phpmyadmin.css.php
parent2ff7b4cc93eb88325b2ac2930b966208642c1111 (diff)
Fixed local path disclosure vulnerability, see PMASA-2011-15
Diffstat (limited to 'phpmyadmin.css.php')
-rw-r--r--phpmyadmin.css.php2
1 files changed, 1 insertions, 1 deletions
diff --git a/phpmyadmin.css.php b/phpmyadmin.css.php
index 2275c97ffd..b3cfecc2b8 100644
--- a/phpmyadmin.css.php
+++ b/phpmyadmin.css.php
@@ -9,7 +9,7 @@
*
*/
// sometimes, we lose $_REQUEST['js_frame']
-define('PMA_FRAME', empty($_REQUEST['js_frame']) ? 'right' : $_REQUEST['js_frame']);
+define('PMA_FRAME', (! empty($_REQUEST['js_frame']) && is_string($_REQUEST['js_frame'])) ? $_REQUEST['js_frame'] : 'right');
define('PMA_MINIMUM_COMMON', true);
require_once './libraries/common.inc.php';
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-24 20:35:28 +0300