Skip to content

Commit

Permalink
sec(Documents) sanitize and limit folder name and description
Browse files Browse the repository at this point in the history
  • Loading branch information
@joebordes
joebordes committed Jun 2, 2023
1 parent 5e87fbc commit e87f77c
Showing 1 changed file with 2 additions and 2 deletions.
4 changes: 2 additions & 2 deletions modules/Documents/SaveFolder.php
View file
Expand Up @@ -15,8 +15,8 @@

$local_log = LoggerManager::getLogger('index');
$folderid = isset($_REQUEST['record']) ? vtlib_purify($_REQUEST['record']) : '';
$foldername = utf8RawUrlDecode($_REQUEST['foldername']);
$folderdesc = utf8RawUrlDecode($_REQUEST['folderdesc']);
$foldername = substr(vtlib_purify(trim(utf8RawUrlDecode($_REQUEST['foldername']))), 0, 20);
$folderdesc = substr(vtlib_purify(trim(utf8RawUrlDecode($_REQUEST['folderdesc']))), 0, 50);

if (isset($_REQUEST['savemode']) && $_REQUEST['savemode'] == 'Save') {
if ($folderid == '') {
Expand Down

0 comments on commit e87f77c

Please sign in to comment.