diff options
author | brettp <brettp@36083f99-b078-4883-b0ff-0f9b5a30f544> | 2010-02-01 02:52:30 +0000 |
---|---|---|
committer | brettp <brettp@36083f99-b078-4883-b0ff-0f9b5a30f544> | 2010-02-01 02:52:30 +0000 |
commit | cee283c2a92d819c38db443f737fd7f789c9e3ef (patch) | |
tree | 28b1cff7a403e237efa15cebdaa907c96b36a1a9 | |
parent | 2e21414d2d8a8f2f72f0781c68223e0315ed0374 (diff) | |
download | elgg-cee283c2a92d819c38db443f737fd7f789c9e3ef.tar.gz elgg-cee283c2a92d819c38db443f737fd7f789c9e3ef.tar.bz2 |
Refs #1079: elgg_view() casts view to a string before attempting to call views.
git-svn-id: http://code.elgg.org/elgg/trunk@3877 36083f99-b078-4883-b0ff-0f9b5a30f544
-rw-r--r-- | engine/lib/elgglib.php | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/engine/lib/elgglib.php b/engine/lib/elgglib.php index cd426309d..8999a9c96 100644 --- a/engine/lib/elgglib.php +++ b/engine/lib/elgglib.php @@ -173,10 +173,12 @@ function elgg_get_view_location($view, $viewtype = '') { * @param string $viewtype If set, forces the viewtype for the elgg_view call to be this value (default: standard detection) * @return string The HTML content */ -function elgg_view($view, $vars = array(), $bypass = false, $debug = false, $viewtype = '') { +function elgg_view(string $view, $vars = array(), $bypass = false, $debug = false, $viewtype = '') { global $CONFIG; static $usercache; + $view = (string)$view; + // basic checking for bad paths if (strpos($view, '..') !== false) { return false; |