diff options
-rwxr-xr-x | includes/inc_stream.php | 4 | ||||
-rwxr-xr-x | includes/inc_video.php | 2 |
2 files changed, 5 insertions, 1 deletions
diff --git a/includes/inc_stream.php b/includes/inc_stream.php index 930c332..3b36e8b 100755 --- a/includes/inc_stream.php +++ b/includes/inc_stream.php @@ -95,7 +95,7 @@ foreach ($quality as $qname => $qparams) $mediapath = $_REQUEST['mediapath']; $subdir = $_REQUEST['subdir']; print " <input name=\"mediapath\" type=\"hidden\" id=\"mediapath\" value=\"{$mediapath}\" />\r\n"; - print " <input name=\"subdir\" type=\"hidden\" id=\"subdir\" value=\"{$subdir}\" />\r\n"; + print " <input name=\"subdir\" type=\"hidden\" id=\"subdir\" value=\"" . stripslashes(subdir) . "\" />\r\n"; // NO BREAK case 2: print " <input name=\"url\" type=\"hidden\" id=\"url\" value=\"" . stripslashes($name) ."\" />\r\n"; @@ -126,6 +126,8 @@ switch ($type) case 3: $mediapath = $_REQUEST['mediapath']; $subdir = $_REQUEST['subdir']; + $subdir = stripslashes($subdir); + print " <input name=\"action\" type=\"hidden\" id=\"action\" value=\"video\" />"; print " <input name=\"mediapath\" type=\"hidden\" id=\"mediapath\" value=\"{$mediapath}\" />\r\n"; print " <input name=\"subdir\" type=\"hidden\" id=\"subdir\" value=\"{$subdir}\" />\r\n"; diff --git a/includes/inc_video.php b/includes/inc_video.php index dc3f8e0..399326c 100755 --- a/includes/inc_video.php +++ b/includes/inc_video.php @@ -2,6 +2,8 @@ $mediapath = $_REQUEST['mediapath']; $subdir = $_REQUEST['subdir']; +$mediapath = stripslashes($mediapath); +$subdir = stripslashes($subdir); /* Add last slash to dirs */ if ($mediapath[strlen($mediapath)-1] != '/') |