From 0fc747767229c02dcff94cbb95eb6f0b5aee77b1 Mon Sep 17 00:00:00 2001
From: "Fedor A. Fetisov" <faf@ossg.ru>
Date: Mon, 28 Oct 2013 15:51:11 +0400
Subject: [PATCH] Sanitize mibewroot value

---
 src/mibew/libs/init.php | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/src/mibew/libs/init.php b/src/mibew/libs/init.php
index 8561025d..eb61c691 100644
--- a/src/mibew/libs/init.php
+++ b/src/mibew/libs/init.php
@@ -24,6 +24,9 @@ session_start();
 // Include configuration file
 require_once(dirname(__FILE__).'/config.php');
 
+// Sanitize path to application and remove extra slashes
+$mibewroot = join("/", array_map("urlencode", preg_split('/\//', preg_replace('/\/+$/', '', preg_replace('/\/{2,}/', '/', '/' . $mibewroot)))));
+
 // Include system constants file
 require_once(dirname(__FILE__).'/common/constants.php');