archive/php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2025-08-19 08:49:28 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Fix remote security risk, pointed out by Wolfram Kriesing

Browse source
This commit is contained in:
Tomas V.V.Cox 2002-02-01 16:36:32 +00:00
parent 1cb07caf63
commit 22aee18f0b
1 changed files with 3 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

4
pear/DB.php
View file

@ -534,7 +534,9 @@ class DB
} }
foreach ($opts as $opt) { foreach ($opts as $opt) {
list($key, $value) = explode('=', $opt); list($key, $value) = explode('=', $opt);
$parsed[$key] = urldecode($value); if (!isset($parsed[$key])) { // don't allow params overwrite
$parsed[$key] = urldecode($value);
}
} }
} }
} }