You are not logged in.
Pages: 1
Hello There,
Thank you for Opening my Topic,
I have Recently Upgraded my GLPI v0.72 to v0.78.2.
Every thing Seems Great , But i Opened the Statistics Page (Graphs)
then i Got }{> Security attack ..! <}{ ??
I think Its a PHP Thing ,
but im sure you can Help ^_^
Thank you !
Offline
more informations about your environnement ?
http://www.glpi-project.org/forum/viewt … p?id=10279
MoYo - Julien Dombre - Association INDEPNET
Contribute to GLPI : Support Contribute References Freshmeat
Offline
more informations about your environnement ?
http://www.glpi-project.org/forum/viewt … p?id=10279
Sorry !
OS : RHEL 5
PHP 5.1
glpi version 0.78.2
Old glpi version 0.72
Offline
Any Assistance !
Offline
We are on sunday... Sometimes the glpi community take care about it's family or other things...
Your problem does'nt seems to
be relevant to GLPI but with a sysadmin problem.
I think you would probably find more help in a RHEL forum...
JMD / Jean-Mathieu Doléans - Glpi-project.org - Association Indepnet
Apportez votre pierre au projet GLPI : Soutenir
Offline
Hellow...
The same problem here, but i using Fedora 14, PHP 5.3.5 and MySQL 5.1.55. My GLPI is the 0.78.3...
Can anyone help us?
Thanks!
Offline
OK, here is my solution...
I located in the file /inc/commons.function.php the function "sendFile" and in the first IF, the first condition i removed the: "../"
Now my condition is: if (strstr($tmpfile, "") || strstr($tmpfile, "..\\") {...
The graphics now appear, but if there were any negative result, I will know later! But i do not believe this will generate some negative result, because this IF, in this function only checks if the GLPI is looking for a file outside of your installation directory ...
I hope it will be useful to someone!
Sorry for my english..
Cheers from Brazil!
Last edited by gabrieldepaula (2011-04-12 21:14:08)
Offline
OK, here is my solution...
I located in the file /inc/commons.function.php the function "sendFile" and in the first IF, the first condition i removed the: "../"
Now my condition is: if (strstr($tmpfile, "") || strstr($tmpfile, "..\\") {...
The graphics now appear, but if there were any negative result, I will know later! But i do not believe this will generate some negative result, because this IF, in this function only checks if the GLPI is looking for a file outside of your installation directory ...
I hope it will be useful to someone!
Sorry for my english..
Cheers from Brazil!
Had the same issue in when upgrading to version 0.83.6, however it was also located in the file /inc/toolboxclass.php under the same function name "sendFile".
Offline
Pages: 1