From af198950cac0e771bdd912c1e4c3b0f5c4ce2d69 Mon Sep 17 00:00:00 2001
From: real_nowhereman
Date: Sat, 26 Sep 2009 15:55:21 +0000
Subject: [PATCH] local file inclusion
---
 comments.php | 2 +-
 fp-includes/core/core.users.php | 3 ++-
 2 files changed, 3 insertions(+), 2 deletions(-)
diff --git a/comments.php b/comments.php
index cc50db3..2de01af 100644
--- a/comments.php
+++ b/comments.php
@@ -99,7 +99,7 @@
 $name = trim(stripslashes(@$_POST['name']));
 $email = isset($_POST['email'])? trim($_POST['email']) : null;
- $url = isset($_POST['url'])? trim(stripslashes($_POST['url'])) : null;
+ $url = isset($_POST['url'])? trim(stripslashes(htmlspecialchars($_POST['url']))) : null;
 /*
 * check name
diff --git a/fp-includes/core/core.users.php b/fp-includes/core/core.users.php
index d6022b7..c12f53d 100755
--- a/fp-includes/core/core.users.php
+++ b/fp-includes/core/core.users.php
@@ -103,7 +103,8 @@
 if ($userid == null && ($user = user_loggedin())) {
 return $user;
 }
- if (file_exists($f = USERS_DIR . $userid.".php")) {
+ if (!preg_match('![/\\.]!', $userid) &&
+ file_exists($f = USERS_DIR . $userid.".php")) {
 include($f);
 return $user;
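Review bot: The added `htmlspecialchars()` on the `$url` line in comments.php encodes markup characters but places no limit on the URL scheme, so a `javascript:` or `data:` value is kept unchanged; if the theme prints this field into an `href` attribute (not visible in this hunk), encoding alone does not make it safe. It is also called without flags, and before PHP 8.1 the default `ENT_COMPAT` leaves single quotes unencoded, which matters if any template uses a single-quoted attribute. I would pass `ENT_QUOTES` and drop anything that is not http(s) right after the assignment, e.g. `if ($url && !preg_match('!^https?://!i', $url)) $url = null;`. `$name` and `$email` on the neighbouring context lines get no encoding here, so whether they are escaped at output should be confirmed; the rest of the comment-handling code lies outside the hunk.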