fernando/luos
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merged in mcuiza/processmaker/veracode-medium-issues (pull request #1867)

Browse Source 
veracode medium issues
This commit is contained in:
Julio Cesar Laura Avendaño
2015-04-08 13:45:11 -04:00
parent 77b0d8d4de cac0c4e96e
commit bb6945e466
10 changed files with 39 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
workflow/engine/classes/class.system.php
View File

@@ -287,6 +287,7 @@ class System
$tempFilename = isset( $_FILES['form']['tmp_name']['UPGRADE_FILENAME'] ) ? $_FILES['form']['tmp_name']['UPGRADE_FILENAME'] : '';
$this->sRevision = str_replace( '.tar.gz', '', str_replace( 'pmos-patch-', '', $upgradeFilename ) );
$sTemFilename = $tempFilename;
$sTemFilename = $filter->xssFilterHard($sTemFilename, 'path');
$pathFile = $filter->xssFilterHard(PATH_DATA . 'upgrade' . PATH_SEP . $upgradeFilename, 'path');
$this->sFilename = $pathFile;
$this->sPath = dirname( $this->sFilename ) . PATH_SEP;