Ignore:
Timestamp:
2007/07/10 22:12:44 (15 years ago)
Author:
adati
Message:

任意のドライブおよび、フォルダの画像ファイル等にアクセスが可能な脆弱性を修正

File:
1 edited

Legend:

Unmodified
Added
Removed
  • branches/rel/data/Smarty/templates/shopping/confirm.tpl

    r12157 r15035  
    4646                        <td align="center"> 
    4747                            <a href="<!--{$smarty.server.PHP_SELF|escape}-->" onclick="win01('../products/detail_image.php?product_id=<!--{$arrProductsClass[cnt].product_id}-->&image=main_image','detail_image','<!--{$arrProductsClass[cnt].tpl_image_width}-->','<!--{$arrProductsClass[cnt].tpl_image_height}-->'); return false;" target="_blank"> 
    48                                 <img src="<!--{$smarty.const.SITE_URL}-->resize_image.php?image=<!--{$smarty.const.IMAGE_SAVE_DIR}-->/<!--{$arrProductsClass[cnt].main_list_image}-->&width=65&height=65" alt="<!--{$arrProductsClass[cnt].name|escape}-->"> 
     48                                <img src="<!--{$smarty.const.SITE_URL}-->resize_image.php?image=<!--{$arrProductsClass[cnt].main_list_image}-->&width=65&height=65" alt="<!--{$arrProductsClass[cnt].name|escape}-->"> 
    4949                            </a> 
    5050                        </td> 
Note: See TracChangeset for help on using the changeset viewer.