mirror of
https://github.com/DataTables/DataTables.git
synced 2024-12-04 16:24:11 +01:00
3b24f99ac4
Credit to Arnaud Labenne of Dotsafe.fr for finding and reporting this.
11 lines
214 B
PHP
11 lines
214 B
PHP
<?php
|
|
|
|
if ( isset( $_POST['src'] ) && preg_match( '/^scripts\/[a-zA-Z_\-_]+\.php$/', $_POST['src'] ) !== 0 ) {
|
|
echo htmlspecialchars( file_get_contents( '../server_side/'.$_POST['src'] ) );
|
|
}
|
|
else {
|
|
echo '';
|
|
}
|
|
|
|
|