From affe34b9d9845de37aae90eaa9a7ed8a76edce9a Mon Sep 17 00:00:00 2001
From: simontosser <simontosser>
Date: Thu, 25 Aug 2005 10:20:13 +0000
Subject: [PATCH] =?UTF-8?q?fix=20securite:=20Correction=20d'une=20faille?=
 =?UTF-8?q?=20de=20s=E9curit=E9=20sur=20le=20wrapper?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 htdocs/document.php | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/htdocs/document.php b/htdocs/document.php
index ff6f7b90007..42c59be96a8 100644
--- a/htdocs/document.php
+++ b/htdocs/document.php
@@ -39,6 +39,9 @@ $original_file = urldecode($_GET["file"]);
 $modulepart = urldecode($_GET["modulepart"]);
 $type = urldecode($_GET["type"]);
 
+//Suppression de la chaine de caractère ../ dans $original_file
+$original_file = str_replace("../","/", "$original_file");
+
 $accessallowed=0;
 if ($modulepart)
 {