Properly sanitize the "switch_env" parameter and take it into account only if it contains a valid value.

SVN:trunk[4238]
Denis Flaven
2016-06-22 12:08:58 +00:00
parent 04133a8853
commit d7b58a7730


@@ -28,10 +28,11 @@ require_once(APPROOT.'/core/cmdbobject.class.inc.php');
require_once(APPROOT.'/application/utils.inc.php'); require_once(APPROOT.'/application/utils.inc.php');
session_name('itop-'.md5(APPROOT)); session_name('itop-'.md5(APPROOT));
session_start(); session_start();
if (isset($_REQUEST['switch_env'])) $sSwitchEnv = utils::ReadParam('switch_env', null);
if (($sSwitchEnv != null) && (file_exists(APPCONF.$sSwitchEnv.'/'.ITOP_CONFIG_FILE)))
{ {
$sEnv = $_REQUEST['switch_env']; $_SESSION['itop_env'] = $sSwitchEnv;
$_SESSION['itop_env'] = $sEnv; $sEnv = $sSwitchEnv;
// TODO: reset the credentials as well ?? // TODO: reset the credentials as well ??
} }
else if (isset($_SESSION['itop_env'])) else if (isset($_SESSION['itop_env']))
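Review bot: The `file_exists(APPCONF.$sSwitchEnv.'/'.ITOP_CONFIG_FILE)` test confines the environment name to APPCONF only if the default filter of `utils::ReadParam` rejects `.` and `/`, and that filter is defined outside this hunk. Stating the constraint at the point of use would stop it depending on a helper default, for example `if (($sSwitchEnv !== null) && preg_match('/^[A-Za-z0-9_-]+$/', $sSwitchEnv) && file_exists(APPCONF.$sSwitchEnv.'/'.ITOP_CONFIG_FILE))`; the strict `!== null` also replaces the loose comparison. The `// TODO: reset the credentials as well ??` remains open: the session presumably keeps the login state it held in the previous environment, so calling `session_regenerate_id(true)` and clearing the stored authentication data when the environment changes looks warranted. The `else if` chain continues outside the hunk.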