diff options
| author | Michael Hamann <michael@content-space.de> | 2012-07-08 19:54:35 +0200 |
|---|---|---|
| committer | Michael Hamann <michael@content-space.de> | 2012-07-08 19:54:35 +0200 |
| commit | 0cbe4a256be369c144a04d6a968bc66c18c4e0ac (patch) | |
| tree | 2c4fddc071e3318f32b727bb0b4e6eaae55793a7 /inc/farm.php | |
| parent | d867cca366d1a7aa106bec98db52a2b416b10c26 (diff) | |
| download | rpg-0cbe4a256be369c144a04d6a968bc66c18c4e0ac.tar.gz rpg-0cbe4a256be369c144a04d6a968bc66c18c4e0ac.tar.bz2 | |
Check that animal name is a string, better error message if not
Diffstat (limited to 'inc/farm.php')
| -rw-r--r-- | inc/farm.php | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/inc/farm.php b/inc/farm.php index 51b0c0f78..37ae24c16 100644 --- a/inc/farm.php +++ b/inc/farm.php @@ -46,9 +46,9 @@ function conf_path($farm) { if(isset($_REQUEST['animal']) || ('cli' == php_sapi_name() && isset($_SERVER['animal']))) { $mode = isset($_REQUEST['animal']) ? 'htaccess' : 'cli'; $animal = $mode == 'htaccess' ? $_REQUEST['animal'] : $_SERVER['animal']; - // check that $animal specifies a subdirectory of $farm - if (strpos(fullpath($farm.'/'.$animal), fullpath($farm).'/') !== 0) - nice_die('Sorry! Invalid Wiki name!'); + // check that $animal is a string and specifies a subdirectory of $farm + if (!is_string($animal) || strpos(fullpath($farm.'/'.$animal), fullpath($farm).'/') !== 0) + nice_die('Sorry! Invalid animal name!'); if(!is_dir($farm.'/'.$animal)) nice_die("Sorry! This Wiki doesn't exist!"); if(!defined('DOKU_FARM')) define('DOKU_FARM', $mode); |