Merge branch '1.8' of git://github.com/Elgg/Elgg into lorea-preprod

author: Sem <sembrestels@riseup.net> 2012-05-20 02:39:46 +0200
committer: Sem <sembrestels@riseup.net> 2012-05-20 02:39:46 +0200
commit: 59bec8bc3e61e6ad537c1418e64094d0665470af (patch)
tree: 9f9826a3ca09a23c46d63284a93bf3523e60f36c /engine/lib/views.php
parent: 5da1b3002e12ed112c92c0902f518c82bdd3fbe0 (diff)
parent: 14d2c70e1872f4045fc857be9b9022d085f1fbd1 (diff)
download: elgg-59bec8bc3e61e6ad537c1418e64094d0665470af.tar.gz
elgg-59bec8bc3e61e6ad537c1418e64094d0665470af.tar.bz2
1 files changed, 4 insertions, 1 deletions
diff --git a/engine/lib/views.php b/engine/lib/views.php
index ca0ce7196..1b013be6f 100644
--- a/engine/lib/views.php
+++ b/engine/lib/views.php
@@ -103,7 +103,10 @@ function elgg_get_viewtype() {
 
 	$viewtype = get_input('view', NULL);
 	if ($viewtype) {
-		return $viewtype;
+		// only word characters allowed.
+		if (!preg_match('[\W]', $viewtype)) {
+			return $viewtype;
+		}
 	}
 
 	if (isset($CONFIG->view) && !empty($CONFIG->view)) {
author	Sem <sembrestels@riseup.net>	2012-05-20 02:39:46 +0200
committer	Sem <sembrestels@riseup.net>	2012-05-20 02:39:46 +0200
commit	59bec8bc3e61e6ad537c1418e64094d0665470af (patch)
tree	9f9826a3ca09a23c46d63284a93bf3523e60f36c /engine/lib/views.php
parent	5da1b3002e12ed112c92c0902f518c82bdd3fbe0 (diff)
parent	14d2c70e1872f4045fc857be9b9022d085f1fbd1 (diff)
download	elgg-59bec8bc3e61e6ad537c1418e64094d0665470af.tar.gz elgg-59bec8bc3e61e6ad537c1418e64094d0665470af.tar.bz2