khanh.pndc/nextcloud-docs
1
0
Fork 0
mirror of https://github.com/nextcloud/documentation.git synced 2026-01-03 18:26:42 +07:00
Code Issues Packages Projects Releases Wiki Activity

Add missing '

Browse Source
This commit is contained in:
Lukas Reschke
2013-03-15 16:36:03 +01:00
parent edb1e94a46
commit 9b63ab517f
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
developer_manual/general/security.rst
View File

@@ -123,7 +123,7 @@ Code executions and file inclusions can be easily prevented by **never** allowin
.. code-block:: php
<?php
require("/includes/" . $_GET['file]);
require("/includes/" . $_GET['file']);
.. note:: If you have to pass user input to a potential dangerous, double check to be sure that there is no other way. If it is not possible otherwise sanitize every user parameter and ask people to audit your sanitize function.
@@ -137,7 +137,7 @@ Very often developers forget about sanitizing the file path (removing all \ and
<?php
$username = OC_User::getUser();
fopen("/data/" . $username . "/" . $_GET['file] . ".txt");
fopen("/data/" . $username . "/" . $_GET['file'] . ".txt");
**DO**