lkddi/nexusphp
1
0
Fork 0
mirror of https://github.com/lkddi/nexusphp.git synced 2026-04-15 05:00:49 +08:00
Code Issues Packages Projects Releases Wiki Activity

Fix formatImg() security issue

Browse Source
This commit is contained in:
xiaomlove
2023-07-19 02:32:02 +08:00
parent 61cb2bb6bb
commit 30aae54673
3 changed files with 17 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
include/globalfunctions.php
View File

@@ -1195,3 +1195,13 @@ function has_role_work_seeding($uid)
return $result;
}
function is_danger_url($url): bool
{
$dangerScriptsPattern = "/(logout|login|ajax|announce|scrape|adduser|modtask|take.*)\.php/i";
$match = preg_match($dangerScriptsPattern, $url);
if ($match > 0) {
return true;
}
return false;
}