1
0
mirror of https://github.com/DataTables/DataTables.git synced 2024-12-04 16:24:11 +01:00
DataTables/examples/resources/examples.php
Allan Jardine 3b24f99ac4 Fix - examples: Tighten up regex check to protect against LFI vulnerability
Credit to Arnaud Labenne of Dotsafe.fr for finding and reporting this.
2017-04-12 20:00:44 +01:00

11 lines
214 B
PHP

<?php
if ( isset( $_POST['src'] ) && preg_match( '/^scripts\/[a-zA-Z_\-_]+\.php$/', $_POST['src'] ) !== 0 ) {
echo htmlspecialchars( file_get_contents( '../server_side/'.$_POST['src'] ) );
}
else {
echo '';
}