From 952dc6921acb275de74dd33be2ecb01986bfdd49 Mon Sep 17 00:00:00 2001
From: msquare <msquare@notrademark.de>
Date: Thu, 14 Dec 2017 14:56:29 +0100
Subject: undo of fix #382: XXE DoS in engelsystem - the feature is actually
 needed for xcal files

---
 includes/pages/admin_import.php | 2 --
 1 file changed, 2 deletions(-)

(limited to 'includes')

diff --git a/includes/pages/admin_import.php b/includes/pages/admin_import.php
index 4faca183..4b0f35de 100644
--- a/includes/pages/admin_import.php
+++ b/includes/pages/admin_import.php
@@ -80,7 +80,6 @@ function admin_import()
                 if (isset($_FILES['xcal_file']) && ($_FILES['xcal_file']['error'] == 0)) {
                     if (move_uploaded_file($_FILES['xcal_file']['tmp_name'], $import_file)) {
                         libxml_use_internal_errors(true);
-                        libxml_disable_entity_loader(true);
                         if (simplexml_load_file($import_file) === false) {
                             $valid = false;
                             error(_('No valid xml/xcal file provided.'));
@@ -425,7 +424,6 @@ function read_xml($file)
     global $xml_import;
     if (!isset($xml_import)) {
         libxml_use_internal_errors(true);
-        libxml_disable_entity_loader(true);
         $xml_import = simplexml_load_file($file);
     }
     return $xml_import;
-- 
cgit v1.2.3-54-g00ecf