diff options
| author | paulburdick <devnull@localhost> | 2007-06-28 01:30:41 +0200 |
|---|---|---|
| committer | paulburdick <devnull@localhost> | 2007-06-28 01:30:41 +0200 |
| commit | 8b1c3874d61d2c05f6368c9cad82aa533ad42b03 (patch) | |
| tree | 1ec8ceb6d114f18ab9df7d8d500f5d7873d6ea57 | |
| parent | fed96b698011d3d464a4caf9d75b6b1e71d175d1 (diff) | |
Modified the include so that there is a bit of filename security
| -rw-r--r-- | system/codeigniter/CodeIgniter.php | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/system/codeigniter/CodeIgniter.php b/system/codeigniter/CodeIgniter.php index 987478f9f..8b067ff72 100644 --- a/system/codeigniter/CodeIgniter.php +++ b/system/codeigniter/CodeIgniter.php @@ -132,7 +132,7 @@ load_class('Controller', FALSE); // Load the local application controller
// Note: The Router class automatically validates the controller path. If this include fails it
// means that the default controller in the Routes.php file is not resolving to something valid.
-if ( ! include(APPPATH.'controllers/'.$RTR->fetch_directory().$RTR->fetch_class().EXT))
+if ( ! include(APPPATH.'controllers/'.$IN->filename_security($RTR->fetch_directory()).$IN->filename_security($RTR->fetch_class()).EXT))
{
show_error('Unable to load your default controller. Please make sure the controller specified in your Routes.php file is valid.');
}
|