From 63f263b182aa76352e70e15d3bdc71c53e58341e Mon Sep 17 00:00:00 2001
From: Tim Starling
Date: Mon, 28 Feb 2011 02:35:57 +0000
Subject: [PATCH] Revert r81576: The fact that there are two checks, one close to the inclusion and one exposed to the user, was a deliberate security measure. Only the fact that they are the same was intended to be temporary.
---
 languages/Language.php | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/languages/Language.php b/languages/Language.php
index b8515f3669..3501bd5a7a 100644
--- a/languages/Language.php
+++ b/languages/Language.php
@@ -156,7 +156,9 @@ class Language {
 static $recursionLevel = 0;
 // Protect against path traversal below
- if ( !Language::isValidCode( $code ) ) {
+ if ( !Language::isValidCode( $code )
+ || strcspn( $code, "/\\\000" ) !== strlen( $code ) )
+ {
 throw new MWException( "Invalid language code \"$code\"" );
 }
@@ -2856,7 +2858,9 @@ class Language {
 */
 static function getFileName( $prefix = 'Language', $code, $suffix = '.php' ) {
 // Protect against path traversal
- if ( !Language::isValidCode( $code ) ) {
+ if ( !Language::isValidCode( $code )
+ || strcspn( $code, "/\\\000" ) !== strlen( $code ) )
+ {
 throw new MWException( "Invalid language code \"$code\"" );
 }
--
2.20.1
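Review bot: The comment `// Protect against path traversal` above both restored conditions (the hunk at new line 156 and the one in getFileName at new line 2858) does not say that the `strcspn( $code, "/\\\000" )` test is intentionally redundant with `Language::isValidCode()`, so the next cleanup pass can mistake it for dead code again, as r81576 apparently did. I would extend the comment in each place to something like `// Defence in depth: reject /, \ and NUL here, next to the file access, independently of isValidCode(), which may be relaxed later`. The same expression is now copied in two places; a small private static helper would keep the two copies from drifting apart, though that is optional. The function enclosing the first hunk starts outside it, and getFileName's body continues past the second hunk.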