Fix security hole

2015-09-13 22:50:08 +02:00 · 2015-09-13 22:50:08 +02:00 · 3b01b8cb47
commit 3b01b8cb47
parent 4eedec0274
1 changed files with 3 additions and 1 deletions
--- a/htdocs/filefunc.inc.php
+++ b/htdocs/filefunc.inc.php
@ -67,7 +67,9 @@ $conffiletoshow = "htdocs/conf/conf.php";

 // Include configuration
 // --- End of part replaced by Dolibarr packager makepack-dolibarr
+
 // Replace conf filename with "conf" parameter on url by GET
+/* Disabled. This is a serious security hole
 if (! empty($_GET['conf']))
 {
 	$confname=basename($_GET['conf']);
@ -77,7 +79,7 @@ if (! empty($_GET['conf']))
 	$confname=basename(empty($_COOKIE['dolconf']) ? 'conf' : $_COOKIE['dolconf']);
 	$conffile = 'conf/'.$confname.'.php';
 }
-
+*/

 // Include configuration
 $result=@include_once $conffile;	// Keep @ because with some error reporting this break the redirect