diff options
author | Jim Hu <jimhu@users.sourceforge.net> | 2006-03-24 01:29:23 +0000 |
---|---|---|
committer | Jim Hu <jimhu@users.sourceforge.net> | 2006-03-24 01:29:23 +0000 |
commit | 81d948b960707aacd95a2ee94ee89c6db8eda6c6 (patch) | |
tree | 8ac5ca574331f94baf711df80e435708febc8cee /functions/init.inc.php | |
parent | 03057b77274de45639c7d29bb1fa010cb736a9bc (diff) | |
download | phpicalendar-81d948b960707aacd95a2ee94ee89c6db8eda6c6.tar.gz phpicalendar-81d948b960707aacd95a2ee94ee89c6db8eda6c6.tar.bz2 phpicalendar-81d948b960707aacd95a2ee94ee89c6db8eda6c6.zip |
security patch for template file from cookie. Other minor bug fixes
Diffstat (limited to 'functions/init.inc.php')
-rw-r--r-- | functions/init.inc.php | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/functions/init.inc.php b/functions/init.inc.php index 7f55713..89a9b54 100644 --- a/functions/init.inc.php +++ b/functions/init.inc.php @@ -21,7 +21,9 @@ if (isset($_COOKIE['phpicalendar'])) { if (isset($phpicalendar['cookie_calendar'])) $default_cal_check = $phpicalendar['cookie_calendar']; if (isset($phpicalendar['cookie_cpath'])) $default_cpath_check= $phpicalendar['cookie_cpath']; if (isset($phpicalendar['cookie_view'])) $default_view = $phpicalendar['cookie_view']; - if (isset($phpicalendar['cookie_style'])) $template = $phpicalendar['cookie_style']; + if (isset($phpicalendar['cookie_style']) && is_dir(BASE.'templates/'.$phpicalendar['cookie_style'].'/')){ + $template = $phpicalendar['cookie_style']; + } if (isset($phpicalendar['cookie_startday'])) $week_start_day = $phpicalendar['cookie_startday']; if (isset($phpicalendar['cookie_time'])) $day_start = $phpicalendar['cookie_time']; } |