Fix: Security hole

2008-08-03 23:03:27 +00:00 · 2008-08-03 23:03:27 +00:00 · 062c4c55dd
commit 062c4c55dd
parent 0fbf387482
2 changed files with 7 additions and 53 deletions
--- a/htdocs/dossier/client/fiche.php
+++ b/htdocs/dossier/client/fiche.php
@ -1,6 +1,6 @@
 <?PHP
 /* Copyright (C) 2004      Rodolphe Quiedeville <rodolphe@quiedeville.org>
- * Copyright (C) 2004-2005 Laurent Destailleur  <eldy@users.sourceforge.net>
+ * Copyright (C) 2004-2008 Laurent Destailleur  <eldy@users.sourceforge.net>
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
@ -18,10 +18,12 @@
 */

 /**
-        \file       htdocs/dossier/client/fiche.php
-        \brief      Page des dossiers clients
-        \version    $Id$
-*/
+ *       \file       htdocs/dossier/client/fiche.php
+ *       \brief      Page des dossiers clients
+ *       \version    $Id$
+ *		\TODO	Remove dossier directory and link to it on code where a test
+ * 				is made on MAIN_MODULE_DOSSIER.
+ */

 require("./pre.inc.php");
 require_once(DOL_DOCUMENT_ROOT.'/client.class.php');
--- a/htdocs/dossier/client/image.php
+++ b/htdocs/dossier/client/image.php
@ -1,48 +0,0 @@
-<?PHP
-/* Copyright (C) 2004 Rodolphe Quiedeville <rodolphe@quiedeville.org>
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
- *
- * $Id$
- * $Source$
- *
- */
-
-
-$handle = imagick_readimage( $_GET["file"] ) ;
-
-
-if ( imagick_iserror( $handle ) )
-{
-  $reason      = imagick_failedreason( $handle ) ;
-  $description = imagick_faileddescription( $handle ) ;
-  
-  print "handle failed!<BR>\nReason: $reason<BR>\nDescription: $description<BR>\n" ;
-  exit ;
-}
-
-if ( !( $image_data = imagick_image2blob( $handle ) ) )
-{
-  $reason      = imagick_failedreason( $handle ) ;
-  $description = imagick_faileddescription( $handle ) ;
-  
-  print "imagick_image2blob() failed<BR>\nReason: $reason<BR>\nDescription: $description<BR>\n" ;
-  exit ;
-}
-
-//header( "Content-type: " . imagick_getmimetype( $handle ) ) ;
-print $image_data ;
-
-?>