Rooba
/
boinc
mirror of https://github.com/BOINC/boinc.git
1
0
Fork 0
Code Issues 1 Packages Projects Releases Wiki Activity

check GET args of buda_submit.php

This commit is contained in:
David Anderson 2024-11-25 14:53:38 -08:00
parent b6654b894f
commit f70ae7f529
1 changed files with 5 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
html/user/buda_submit.php
View File

@ -30,7 +30,9 @@ function submit_form($user) {
error_page("No .zip files in your sandbox.");
}
$app = get_str('app');
if (!is_valid_filename($app)) die('bad arg');
$variant = get_str('variant');
if (!is_valid_filename($variant)) die('bad arg');
$desc = "<br><small>
A zipped directory with one subdirectory per job,
@ -300,8 +302,11 @@ function handle_submit($user) {
error_page("No buda app found");
}
$app = get_str('app');
if (!is_valid_filename($app)) die('bad arg');
$variant = get_str('variant');
if (!is_valid_filename($variant)) die('bad arg');
$batch_file = get_str('batch_file');
if (!is_valid_filename($batch_file)) die('bad arg');
$variant_dir = "../../buda_apps/$app/$variant";
$variant_desc = json_decode(