Minor fix to commit fff1980dd0a7cfd88dfbf2d8f1acb1f4b53a929a
authorbradymiller <bradymiller@users.sourceforge.net>
Fri, 8 Feb 2013 19:27:19 +0000 (8 11:27 -0800)
committerbradymiller <bradymiller@users.sourceforge.net>
Fri, 8 Feb 2013 19:27:19 +0000 (8 11:27 -0800)
interface/super/manage_site_files.php

index 071b8ee..0b257c1 100644 (file)
@@ -40,7 +40,7 @@ while ($lrow = sqlFetchArray($lres)) {
   $my_files[] = "LBF/$option_id.plugin.php";
 }
 
-$form_filename = formData('form_filename');
+$form_filename = strip_escape_custom($_REQUEST['form_filename']);
 // Sanity check to prevent evildoing.
 if (!in_array($form_filename, $my_files)) $form_filename = '';
 $filepath = "$OE_SITE_DIR/$form_filename";