mxmehl/uberspace-webadmin
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

more password anti-disclosure

Browse Source
This commit is contained in:
mxmehl
2015-07-10 14:12:31 +03:00
parent 70f12a69d4
commit e39023e6fd
2 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
file.txt Normal file
View File

@@ -0,0 +1 @@
password ' ls -R

1
submit.php
View File

@@ -23,7 +23,6 @@ $SURE = $_POST['sure'];
// Sanitize variables // Sanitize variables
$ACTION = escapeshellarg($ACTION); $ACTION = escapeshellarg($ACTION);
$USER = escapeshellarg($USER); $USER = escapeshellarg($USER);
$PASS = escapeshellarg($PASS);
$RAND = mt_rand(100000, 999999); $RAND = mt_rand(100000, 999999);
$PASSFILE = $RAND . '.pass'; $PASSFILE = $RAND . '.pass';