Skip to content

D
doctrine-dbal
Commit c48c878a authored by meus's avatar meus
Browse files
Options

Fixed security issue in cc script

parent da57136d
Hide whitespace changes
Inline Side-by-side
Showing with 6 additions and 0 deletions
tests/cc.php
View file @ c48c878a
...@@ -39,8 +39,14 @@ $reporter = new Doctrine_Coverage_Report("coverage.txt"); ...@@ -39,8 +39,14 @@ $reporter = new Doctrine_Coverage_Report("coverage.txt");
<?php <?php
if (isset($_GET["file"])){ if (isset($_GET["file"])){
if (strpos($_GET["file"], "Doctrine") === false) {
echo "trying something fishy?";
exit(0);
}
echo '<h1>Coverage for ' . $_GET["file"] . '</h1>'; echo '<h1>Coverage for ' . $_GET["file"] . '</h1>';
echo '<a href="cc.php">Back to coverage report</a>'; echo '<a href="cc.php">Back to coverage report</a>';
$reporter->showFile($_GET["file"]); $reporter->showFile($_GET["file"]);
} else { } else {
?> ?>
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment