fernando/luos
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

VERACODE: I solved the Cross-Site Scripting(18 flaws) [May 01]

Browse Source
This commit is contained in:
Paula V. Quispe
2015-05-04 15:37:35 -04:00
parent 04d40500b1
commit a9359b0956
4 changed files with 55 additions and 43 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
workflow/engine/methods/setup/pluginsRemove.php
View File

@@ -44,13 +44,13 @@ $filter = new InputFilter();
$pluginName = $_REQUEST['pluginUid'];
$pluginName = $filter->xssFilterHard($pluginName);
if (file_exists( PATH_PLUGINS . $pluginName . ".php" )) {
if (file_exists( PATH_PLUGINS . $pluginName . '.php' )) {
$pluginRegistry = &PMPluginRegistry::getSingleton();
$pluginRegistry->uninstallPlugin( $pluginName );
$path = $filter->validateInput(PATH_DATA_SITE . 'plugin.singleton', 'path');
$pluginRegistry->unSerializeInstance( file_get_contents( $path ) );
}
G::auditLog("RemovePlugin","Plugin Name: ".$pluginName);
G::auditLog('RemovePlugin','Plugin Name: '.$pluginName);
echo $pluginName . ' ' . nl2br( $filter->xssFilterHard(G::LoadTranslation( 'ID_MSG_REMOVE_PLUGIN_SUCCESS' )) );