X-Git-Url: https://delta.frontaccounting.com/gitweb/?a=blobdiff_plain;f=includes%2Flang%2Flanguage.php;h=0727222cd09a6338c3ea56ec0c82977815a0bea3;hb=8864b1ec0fd3321e510511ef22614bc36845540e;hp=059901cfc66cfee89278b72f929ea583d6973b3e;hpb=4cf1c3dbb9ae74e0c47dda456f7ac97c7659b3fa;p=fa-stable.git

diff --git a/includes/lang/language.php b/includes/lang/language.php
index 059901cf..0727222c 100644
--- a/includes/lang/language.php
+++ b/includes/lang/language.php
@@ -9,6 +9,9 @@
     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  
     See the License here <http://www.gnu.org/licenses/gpl-3.0.html>.
 ***********************************************************************/
+// Prevent register_globals vulnerability
+if (isset($_GET['path_to_root']) || isset($_POST['path_to_root']))
+	die("Restricted access");
 include_once($path_to_root . "/lang/installed_languages.inc");
 include_once($path_to_root . "/includes/lang/gettext.php");