From 08cc7f673c377bf88897743e340097e93f1e95f4 Mon Sep 17 00:00:00 2001
From: ftimme <ft@falkotimme.com>
Date: Wed, 16 Jan 2013 09:30:05 -0500
Subject: [PATCH] - Changed regex for redirect path (Web sites, subdomains, vhost subdomains, alias domains) and web folder (vhost subdomains) so that ".." is not allowed (in order to prevent path traversals). - nginx: don't allow folders for proxy redirects (subdomains and alias domains); URL is required. - nginx: modified rewriting.

---
 interface/lib/classes/simplepie.inc.php |    6 +++---
 1 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/interface/lib/classes/simplepie.inc.php b/interface/lib/classes/simplepie.inc.php
index 6ddc0e0..564fad5 100644
--- a/interface/lib/classes/simplepie.inc.php
+++ b/interface/lib/classes/simplepie.inc.php
@@ -10865,7 +10865,7 @@
 		return $output . $data;
 	}
 
-	function parse_date($dt)
+	static function parse_date($dt)
 	{
 		$parser = SimplePie_Parse_Date::get();
 		return $parser->parse($dt);
@@ -12151,7 +12151,7 @@
 		}
 		else
 		{
-			$this->query = $this->replace_invalid_with_pct_encoding($query, 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-._~!$\'()*+,;:@/?');
+			$this->query = $this->replace_invalid_with_pct_encoding($query, 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-._~!$\'()*+,;:@/?&=');
 		}
 		$this->valid[__FUNCTION__] = true;
 		return true;
@@ -13065,7 +13065,7 @@
 	 *
 	 * @access public
 	 */
-	function get()
+	static function get()
 	{
 		static $object;
 		if (!$object)

--
Gitblit v1.9.1