frio: sanitise $schema

diff --git a/view/theme/frio/style.php b/view/theme/frio/style.php
index 7b1b8a350d2a96b38afb2a94acaf69091d5915e6..c227c354f8a4ebf5c12e9fd10ed32c0534e72615 100644 (file)
--- a/view/theme/frio/style.php
+++ b/view/theme/frio/style.php
@@ -60,6 +60,9 @@ if (! $a->install) {
 if ($_REQUEST['schema']) {
        $schema = $_REQUEST['schema'];
 }
+
+$schema = basename($schema);
+
 if (($schema) && ($schema != '---')) {
        if (file_exists('view/theme/frio/schema/' . $schema . '.php')) {
                $schemefile = 'view/theme/frio/schema/' . $schema . '.php';