From 167012a2f6ae813782c30da586f86430d05dfabb Mon Sep 17 00:00:00 2001 From: Jaidyn Lev Date: Sat, 10 Nov 2018 13:59:04 -0600 Subject: [PATCH] Added < and > to blocked characters --- resources/library/sanitization.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/resources/library/sanitization.php b/resources/library/sanitization.php index 664cad0..c27a0a7 100644 --- a/resources/library/sanitization.php +++ b/resources/library/sanitization.php @@ -5,7 +5,7 @@ // Sanitize a filename by replacing common suspicious characters with "_". function sanitize_filename($filename) { - $death_characters = array(" ", ",", "/", "\\", "%", "$", "^"); + $death_characters = array(" ", ",", "<", ">", "/", "\\", "%", "$", "^"); $death_filetypes = array(".php", ".sh", ".lisp", ".cl", ".cgi", ".pl"); $sanitized_filename = str_replace($death_characters, "_", $filename);