From e32a48fd73c0562eb2e5f8eac97b90dd32a72d94 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Wed, 9 Feb 2005 19:37:21 +0000 Subject: [PATCH] =?UTF-8?q?Fix:=20Pb=20s=E9curit=E9=20avec=20wrapper.=20Le?= =?UTF-8?q?s=20chemins=20recus=20par=20le=20wrapper=20doivent=20tous=20etr?= =?UTF-8?q?e=20obligatoirement=20relatifs=20et=20compl=E9t=E9s=20par=20le?= =?UTF-8?q?=20wrapper=20sous=20peine=20d'autoriser=20le=20t=E9l=E9chargeme?= =?UTF-8?q?nt=20de=20n'importe=20quel=20fichier=20du=20disque.=20Je=20reme?= =?UTF-8?q?t=20le=20compl=E9ment=20du=20path=20dans=20le=20wrapper=20et=20?= =?UTF-8?q?je=20change=20au=20niveau=20de=20l'appelant=20pour=20passer=20n?= =?UTF-8?q?on=20pas=20un=20chemin=20complet=20mais=20un=20chemin=20relatif?= =?UTF-8?q?.?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- htdocs/compta/prelevement/fiche.php | 4 ++-- htdocs/document.php | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/htdocs/compta/prelevement/fiche.php b/htdocs/compta/prelevement/fiche.php index cb8d5804b5d..68b86046eef 100644 --- a/htdocs/compta/prelevement/fiche.php +++ b/htdocs/compta/prelevement/fiche.php @@ -114,9 +114,9 @@ if ($_GET["id"]) print ''.$langs->trans("Amount").''.price($bon->amount).''; print ''.$langs->trans("File").''; - $encfile = urlencode(DOL_DATA_ROOT.'/prelevement/bon/'.$bon->ref); + $relativepath = 'bon/'.$bon->ref; - print ''.$bon->ref.''; + print ''.$bon->ref.''; print ''; diff --git a/htdocs/document.php b/htdocs/document.php index 6cd436271d7..eb222a6e504 100644 --- a/htdocs/document.php +++ b/htdocs/document.php @@ -73,7 +73,7 @@ if ($modulepart) { $accessallowed=1; } - //$original_file=$conf->prelevement->dir_output.'/'.$original_file; + $original_file=$conf->prelevement->dir_output.'/'.$original_file; } // Wrapping pour les propales