diff options
| author | xue <> | 2006-02-18 02:25:34 +0000 |
|---|---|---|
| committer | xue <> | 2006-02-18 02:25:34 +0000 |
| commit | 8b9a5c2f0d5025e29a5477ea8cc8937db49b0341 (patch) | |
| tree | 938ad05685a430d344e3bf1957f5d3ccd0d1e9ce /framework/Web/UI/WebControls/TTextHighlighter.php | |
| parent | cba0c1b472cec22e4ffed2b3b084bea27cd26582 (diff) | |
Fixed a security issue about usage of Prado::getPathOfNamespace.
Diffstat (limited to 'framework/Web/UI/WebControls/TTextHighlighter.php')
| -rw-r--r-- | framework/Web/UI/WebControls/TTextHighlighter.php | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/framework/Web/UI/WebControls/TTextHighlighter.php b/framework/Web/UI/WebControls/TTextHighlighter.php index 281f131e..4eec7de1 100644 --- a/framework/Web/UI/WebControls/TTextHighlighter.php +++ b/framework/Web/UI/WebControls/TTextHighlighter.php @@ -122,7 +122,8 @@ class TTextHighlighter extends TWebControl $cssKey='prado:TTextHighlighter';
if(!$cs->isStyleSheetFileRegistered($cssKey))
{
- $cssFile=Prado::getPathOfNamespace('System.3rdParty.geshi.highlight','.css');
+ if(($cssFile=Prado::getPathOfNamespace('System.3rdParty.geshi.highlight','.css'))===null)
+ throw new TConfigurationException('texthighlighter_stylesheet_invalid');
$styleSheet = $this->publishFilePath($cssFile);
$cs->registerStyleSheetFile($cssKey, $styleSheet);
}
|