frio: sanitize $schema only if the variable is initialized

This commit is contained in:
rabuzarus 2017-10-24 14:44:31 +02:00
parent 2687a42e3c
commit 578dc6f967

View File

@ -61,7 +61,9 @@ if ($_REQUEST['schema']) {
$schema = $_REQUEST['schema']; $schema = $_REQUEST['schema'];
} }
$schema = basename($schema); // Sanitize the data.
$schema = !empty($schema) ? basename($schema) : "";
if (($schema) && ($schema != '---')) { if (($schema) && ($schema != '---')) {
if (file_exists('view/theme/frio/schema/' . $schema . '.php')) { if (file_exists('view/theme/frio/schema/' . $schema . '.php')) {
@ -96,7 +98,7 @@ $bgcolor = (empty($bgcolor) ? "#ededed" : $bgcolor);
$background_image = (empty($background_image) ? 'img/none.jpg' : $background_image); $background_image = (empty($background_image) ? 'img/none.jpg' : $background_image);
$modified = (empty($modified) ? time() :$modified); $modified = (empty($modified) ? time() :$modified);
$contentbg_transp = ((isset($contentbg_transp) && $contentbg_transp != "") ? $contentbg_transp : 100); $contentbg_transp = ((isset($contentbg_transp) && $contentbg_transp != "") ? $contentbg_transp : 100);
// Calculate some colors in dependance of existing colors. // Calculate some colors in dependance of existing colors.
// Some colors are calculated to don't have too many selection // Some colors are calculated to don't have too many selection