kontakt
/
engelsystem
3
0
Fork 0
Code Issues 12 Pull Requests Projects Releases Wiki Activity

secure page selection

Browse Source
main
Philip Häusler 14 years ago
parent 04973d1fa1
commit 377c24e13d
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File

2
public/index.php
Unescape Escape View File

@ -28,7 +28,7 @@ if (isset ($_REQUEST['auth']))
// Gewünschte Seite/Funktion // Gewünschte Seite/Funktion
$p = isset ($user) ? "news" : "start"; $p = isset ($user) ? "news" : "start";
if (isset ($_REQUEST['p'])) if (isset ($_REQUEST['p']) && preg_match("/^[a-z0-9_]*$/i", $_REQUEST['p']) && sql_num_query("SELECT * FROM `Privileges` WHERE `name`='" . sql_escape($_REQUEST['p']) . "' LIMIT 1") > 0)
$p = $_REQUEST['p']; $p = $_REQUEST['p'];
$title = Get_Text($p); $title = Get_Text($p);

Write Preview
Loading…
Cancel
Save