Mercurial Mercurial > repos > enano-1.1 / changeset
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
SECURITY: Fix path disclosure in Special:Captcha
authorDan Fuhry <dan@enanocms.org>
Tue, 16 Nov 2010 12:10:24 -0500
changeset 1313 da50b017af94
parent 1312 e6c6b42a5a51
child 1314 29b14c220a78
SECURITY: Fix path disclosure in Special:Captcha
plugins/SpecialUserFuncs.php file | annotate | diff | comparison | revisions 
--- a/plugins/SpecialUserFuncs.php	Mon Nov 15 19:21:47 2010 -0500
+++ b/plugins/SpecialUserFuncs.php	Tue Nov 16 12:10:24 2010 -0500
@@ -1373,7 +1373,14 @@
 		$db->_die();
 	
 	require ( ENANO_ROOT.'/includes/captcha.php' );
-	$captcha = captcha_object($hash, 'freecap');
+	try
+	{
+		$captcha = captcha_object($hash, 'freecap');
+	}
+	catch ( Exception $e )
+	{
+		die("CAPTCHA engine returned a hard exception");
+	}
 	// $captcha->debug = true;
 	$captcha->make_image();
Enano CMS (1.1.x)