perform basic validation

author friendica <info@friendica.com>

Wed, 2 May 2012 06:15:39 +0000 (23:15 -0700)

committer friendica <info@friendica.com>

Wed, 2 May 2012 06:15:39 +0000 (23:15 -0700)
author friendica <info@friendica.com>
Wed, 2 May 2012 06:15:39 +0000 (23:15 -0700)
committer friendica <info@friendica.com>
Wed, 2 May 2012 06:15:39 +0000 (23:15 -0700)
diff --git a/boot.php b/boot.php

index e1687030d53d155de20636cd4223de334ccf9a86..ed083d6177c2b6eb1dc494ca68343eb4c6ef14b1 100644 (file)
--- a/boot.php
+++ b/boot.php
@@ -1520,9 +1520,12 @@ function get_my_url() {
  }
  
  function zrl_init(&$a) {
-       proc_run('php','include/gprobe.php',bin2hex(get_my_url()));
-       $arr = array('zrl' => get_my_url(), 'url' => $a->cmd);
-       call_hooks('zrl_init',$arr);
+       $tmp_str = get_my_url();
+       if(validate_url($tmp_str)) {
+               proc_run('php','include/gprobe.php',bin2hex($tmp_str));
+               $arr = array('zrl' => $tmp_str, 'url' => $a->cmd);
+               call_hooks('zrl_init',$arr);
+       }
  }
  
  function zrl($s,$force = false) {
diff --git a/include/gprobe.php b/include/gprobe.php

index 5ca42729a701c60159bfd2b0213831ee86bef229..b4edbe4dba72466c9fec352f78bb4db9323040e3 100644 (file)
--- a/include/gprobe.php
+++ b/include/gprobe.php
@@ -33,6 +33,9 @@ function gprobe_run($argv, $argc){
  
         $url = hex2bin($argv[1]);
  
+       if(! validate_url($url))
+               return;
+
         $r = q("select * from gcontact where nurl = '%s' limit 1",
                 dbesc(normalise_link($url))
         );
author	friendica <info@friendica.com>
	Wed, 2 May 2012 06:15:39 +0000 (23:15 -0700)
committer	friendica <info@friendica.com>
	Wed, 2 May 2012 06:15:39 +0000 (23:15 -0700)
boot.php		patch \| blob \| history
include/gprobe.php		patch \| blob \| history