From d7b58a7730ee81d3ba1e4222e567449709c864f4 Mon Sep 17 00:00:00 2001
From: Denis Flaven
Date: Wed, 22 Jun 2016 12:08:58 +0000
Subject: [PATCH] Properly sanitize the "switch_env" parameter and take it into account only if it contains a valid value. SVN:trunk[4238]
---
 application/startup.inc.php | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/application/startup.inc.php b/application/startup.inc.php
index e97acb5dc..0efbb5e3a 100644
--- a/application/startup.inc.php
+++ b/application/startup.inc.php
@@ -28,10 +28,11 @@ require_once(APPROOT.'/core/cmdbobject.class.inc.php');
 require_once(APPROOT.'/application/utils.inc.php');
 session_name('itop-'.md5(APPROOT));
 session_start();
-if (isset($_REQUEST['switch_env']))
+$sSwitchEnv = utils::ReadParam('switch_env', null);
+if (($sSwitchEnv != null) && (file_exists(APPCONF.$sSwitchEnv.'/'.ITOP_CONFIG_FILE)))
 {
- $sEnv = $_REQUEST['switch_env'];
- $_SESSION['itop_env'] = $sEnv;
+ $_SESSION['itop_env'] = $sSwitchEnv;
+ $sEnv = $sSwitchEnv;
 // TODO: reset the credentials as well ??
 }
 else if (isset($_SESSION['itop_env']))
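Review bot: The validity test on the new `if` line is a `file_exists()` call over a path built from the request value, so it is only as strict as the default filtering in `utils::ReadParam()`, which is not visible in this hunk. If that filter lets `/` or `..` through, the test can pass for a directory outside `APPCONF` that happens to contain a file named `ITOP_CONFIG_FILE`, and the value is then stored in `$_SESSION['itop_env']`. I would constrain the name explicitly before building the path, e.g. `if (is_string($sSwitchEnv) && preg_match('/^[A-Za-z0-9_-]+$/', $sSwitchEnv) && is_file(APPCONF.$sSwitchEnv.'/'.ITOP_CONFIG_FILE))`, with the character class adjusted to the environment names the project permits. The `// TODO: reset the credentials as well ??` also remains open: as far as the hunk shows, a switch changes only `itop_env` in the session, which deserves a decision because the switch is driven by a request parameter. The `if`/`else if` chain continues past the end of the hunk.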