From: konrad Date: Thu, 8 Nov 2007 17:54:59 +0000 (+0000) Subject: fix directory traversal bug and some indenting X-Git-Url: http://git.silmor.de/gitweb/?a=commitdiff_plain;h=4a8fff5166f9b1f1499c419fe8586ce73d46ef57;p=web%2Fkonrad%2Fsmoke.git fix directory traversal bug and some indenting git-svn-id: https://silmor.de/svn/softmagic/smoke/trunk@70 6e3c4bff-ac9f-4ac1-96c5-d2ea494d3e33 --- diff --git a/www/inc/language_manager.php b/www/inc/language_manager.php index fd9f50b..a0f8d23 100644 --- a/www/inc/language_manager.php +++ b/www/inc/language_manager.php @@ -35,15 +35,23 @@ class LanguageManager { global $template; - $this->templateFolder = $template; + $this->templateFolder = $template; + //default fallback for empty setting + if($this->templateFolder=="")$this->templateFolder="./template/"; + //make sure it ends with / + if(substr($this->templateFolder,-1,1)!="/")$this->templateFolder.="/"; // check if cookie is set if (isset($_COOKIE[self::$COOKIE_NAME])) { $this->lang = $_COOKIE[self::$COOKIE_NAME]; } else { - $this->lang = substr($_SERVER[HTTP_ACCEPT_LANGUAGE],0,2); + $this->lang = substr($_SERVER["HTTP_ACCEPT_LANGUAGE"],0,2); } + //sanity check for $lang -> must only contain letters; fallback is de + if(ereg("^[a-zA-Z]+$",$this->lang)===false) + $this->lang="de"; + $this->setLanguageConfig(); } @@ -51,10 +59,10 @@ class LanguageManager public static function singleton() { if(!self::$instance) { - self::$instance = new LanguageManager(); - } - - return self::$instance; + self::$instance = new LanguageManager(); + } + + return self::$instance; } /** set language */