harukin/core
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

escape query string

Browse Source
This commit is contained in:
Mario Vavti
2018-06-07 22:45:07 +02:00
parent d3bc50e18d
commit b3928f3d2a
5 changed files with 7 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
boot.php
View File

@@ -876,13 +876,13 @@ class App {
set_include_path("include/self::$hostname" . PATH_SEPARATOR . get_include_path());
if((x($_SERVER,'QUERY_STRING')) && substr($_SERVER['QUERY_STRING'], 0, 2) === "q=") {
self::$query_string = substr($_SERVER['QUERY_STRING'], 2);
self::$query_string = escape_tags(substr($_SERVER['QUERY_STRING'], 2));
// removing trailing / - maybe a nginx problem
if (substr(self::$query_string, 0, 1) == "/")
self::$query_string = substr(self::$query_string, 1);
}
if(x($_GET,'q'))
self::$cmd = trim($_GET['q'],'/\\');
self::$cmd = escape_tags(trim($_GET['q'],'/\\'));
// unix style "homedir"