From b42f5bdd0d4b924befc665f854908d67a4285f17 Mon Sep 17 00:00:00 2001 From: "Fedor A. Fetisov" Date: Tue, 10 Sep 2013 17:28:22 +0400 Subject: [PATCH] Sanitize path to application and remove extra slashes from it --- src/messenger/webim/libs/common.php | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/src/messenger/webim/libs/common.php b/src/messenger/webim/libs/common.php index 7122a0c4..e23021eb 100644 --- a/src/messenger/webim/libs/common.php +++ b/src/messenger/webim/libs/common.php @@ -20,6 +20,10 @@ session_start(); require_once(dirname(__FILE__) . '/converter.php'); require_once(dirname(__FILE__) . '/config.php'); +// Sanitize path to application and remove extra slashes +$webimroot = join("/", array_map("urlencode", preg_split('/\//', preg_replace('/\/+$/', '', preg_replace('/\/{2,}/', '/', '/' . $webimroot))))); + + $version = '1.6.5'; $jsver = "165";