Drupal
/
drupal
mirror of https://git.drupalcode.org/project/drupal.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

#396224 partial rollback of SA-CORE-2009-003 security hardening.

5.x
Neil Drumm 2009-05-13 15:41:32 +00:00
parent 2518420df9
commit d43f4a7423
1 changed files with 0 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
themes/engines/phptemplate/phptemplate.engine
View File

@ -377,14 +377,9 @@ function phptemplate_box($title, $content, $region = 'main') {
function _phptemplate_default($hook, $variables, $suggestions = array(), $extension = '.tpl.php') {
global $theme_engine;
// Remove slashes or null to prevent files from being included from
// an unexpected location (especially on Windows servers).
$extension = str_replace(array("/", "\\", "\0"), '', $extension);
// Loop through any suggestions in FIFO order.
$suggestions = array_reverse($suggestions);
foreach ($suggestions as $suggestion) {
$suggestion = str_replace(array("/", "\\", "\0"), '', $suggestion);
if (!empty($suggestion) && file_exists(path_to_theme() .'/'. $suggestion . $extension)) {
$file = path_to_theme() .'/'. $suggestion . $extension;
break;