search

Comos / tage

Tage, the PHP template engine. Developing...
GNU General Public License v3.0
4 stars 2 forks source link

Enhance Tpl Preparer safety. #19

Open 13leaf opened 9 years ago

13leaf commented 9 years ago

I see the t include path was simply get by 'tplDir+id'. I think we should protect id inject (which may try to access out of tplDir).

bigbigant commented 9 years ago

OK. I'll fix it.