iger
/
engelsystem
9
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

secure page selection

This commit is contained in:
Philip Häusler 2011-06-13 19:04:16 +02:00
parent 04973d1fa1
commit 377c24e13d
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
public/index.php
View File

@ -28,7 +28,7 @@ if (isset ($_REQUEST['auth']))
// Gewünschte Seite/Funktion
$p = isset ($user) ? "news" : "start";
if (isset ($_REQUEST['p']))
if (isset ($_REQUEST['p']) && preg_match("/^[a-z0-9_]*$/i", $_REQUEST['p']) && sql_num_query("SELECT * FROM `Privileges` WHERE `name`='" . sql_escape($_REQUEST['p']) . "' LIMIT 1") > 0)
$p = $_REQUEST['p'];
$title = Get_Text($p);