@@ -43,7 +43,7 @@ $currentTool=$_SESSION['whereami'];
$dirBaseDocuments = api_get_path(SYS_COURSE_PATH).$_course['path'].'/document';
$saveDir=$dirBaseDocuments.$_SESSION['paint_dir'];
$contents = file_get_contents($urlcontents);
-echo $urlcontents;
+
//Verify that the URL is pointing to a file @ pixlr.com domain or ip
if (strpos($urlcontents, "pixlr.com") == 0 && strpos($urlcontents, "69.164.195.250") == 0 && strpos($urlcontents, "173.255.196.130") == 0){
echo "Invalid referrer";
Juan Carlos Raña