[Patches] [PATCH] [3.2.x] Bug 6628 fixing security vulnerability

[koha-patchbot at kohaaloha.com]

From: Chris Cormack <chrisc at catalyst.net.nz>
Date: Mon, 28 Nov 2011 23:14:32 +1300
Subject: [PATCH] [3.2.x] Bug 6628 fixing security vulnerability

---
 help.pl |    5 ++++-
 1 files changed, 4 insertions(+), 1 deletions(-)

diff --git a/help.pl b/help.pl
index f871e3c..2da9044 100755
--- a/help.pl
+++ b/help.pl
@@ -37,7 +37,10 @@ if ($referurl) {
 }
 
 $refer =~ /.*koha\/(.*)\.pl.*/;
-my $from = "modules/help/$1.tmpl";
+my $file = $1;
+$file =~ s/[^a-zA-Z0-9_\-\/]*//g;
+my $from = "modules/help/$file.tmpl";
+
 
 my $template = gethelptemplate( $from, "intranet" );
 
-- 
1.7.5.4