https://sourceforge.net/p/phpanti-leech/bugs/Recent changes to bugsenSun, 12 Apr 2009 09:52:37 -0000https://sourceforge.net/p/phpanti-leech/bugs/1/<div class="markdown_content"><p>File: download.php<br /> It seems to me that instead of string:<br /> if(strpos($fullfilename,"..")==true){</p> <p>Should be:<br /> if(strpos($fullfilename,'..')!==false){</p> <p>For example: function strpos ('./path/file.zip ', '. ') will return 0 which it will be transformed to false</p></div>AnonymousSun, 12 Apr 2009 09:52:37 -0000https://sourceforge.net3aa264478dd1820d53cf20ec2d4a5d2a22b3ce8d