X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=index.php;h=21d5ed275354a052ed3df81dad4bff1b4b2c706c;hb=b3ea8b9a014b6760f6bf59be243f01753c3fc13e;hp=9d27eef2d54da74cafdd9747946915e0f1b378b6;hpb=3b14b7901c65144835d74b712279d0492c267c0c;p=quix0rs-gnu-social.git diff --git a/index.php b/index.php index 9d27eef2d5..21d5ed2753 100644 --- a/index.php +++ b/index.php @@ -1,18 +1,18 @@ . */ @@ -20,16 +20,21 @@ define('INSTALLDIR', dirname(__FILE__)); define('LACONICA', true); -require_once(INSTALLDIR . "/common.php"); +require_once(INSTALLDIR . "/lib/common.php"); $action = $_REQUEST['action']; + +if (!$action || !preg_match('/^[a-zA-Z0-9_-]*$/', $action)) { + common_redirect(common_local_url('public')); +} + $actionfile = INSTALLDIR."/actions/$action.php"; if (file_exists($actionfile)) { - require_once($actionfile); - $action_class = ucfirst($action) . "Action"; - call_user_func(array($action_class, 'handle'), $_REQUEST); + require_once($actionfile); + $action_class = ucfirst($action)."Action"; + $action_obj = new $action_class(); + call_user_func(array($action_obj, 'handle'), $_REQUEST); } else { - common_user_error(_t('Unknown action')); -} - + common_user_error(_('Unknown action')); +} \ No newline at end of file