| author | brettp <brettp@36083f99-b078-4883-b0ff-0f9b5a30f544> | 2010-05-29 02:20:59 +0000 | 
|---|---|---|
| committer | brettp <brettp@36083f99-b078-4883-b0ff-0f9b5a30f544> | 2010-05-29 02:20:59 +0000 | 
| commit | 45b492f458541dade3ee6d7a819eddcea7004616 (patch) | |
| tree | 14fc73c1650242db169b4e51bf0005de4a7668e4 /engine/lib | |
| parent | a19462d8b0c1bc07597c78c92a79415694eee3eb (diff) | |
| download | elgg-45b492f458541dade3ee6d7a819eddcea7004616.tar.gz elgg-45b492f458541dade3ee6d7a819eddcea7004616.tar.bz2 | |
Merged [6248] - [6252] into trunk.
git-svn-id: http://code.elgg.org/elgg/trunk@6284 36083f99-b078-4883-b0ff-0f9b5a30f544
Diffstat (limited to 'engine/lib')
| -rw-r--r-- | engine/lib/pagehandler.php | 39 | 
1 files changed, 21 insertions, 18 deletions
diff --git a/engine/lib/pagehandler.php b/engine/lib/pagehandler.php
index 490b81159..a6143a4e6 100644
--- a/engine/lib/pagehandler.php
+++ b/engine/lib/pagehandler.php
@@ -9,7 +9,9 @@
  */
 
 /**
- * Turns the current page over to the page handler, allowing registered handlers to take over
+ * Turns the current page over to the page handler, allowing registered handlers to take over.
+ *
+ * If a page handler returns FALSE, the request is handed over to the default_page_handler.
  *
  * @param string $handler The name of the handler type (eg 'blog')
  * @param array $page The parameters to the page, as an array (exploded by '/' slashes)
@@ -84,7 +86,8 @@ function register_page_handler($handler, $function) {
 }
 
 /**
- * A default page handler that attempts to load the actual file at a given page handler location
+ * A default page handler
+ * Tries to locate a suitable file to include. Only works for core pages, not plugins.
  *
  * @param array $page The page URL elements
  * @param string $handler The base handler
@@ -92,25 +95,25 @@ function register_page_handler($handler, $function) {
  */
 function default_page_handler($page, $handler) {
 	global $CONFIG;
-	$script = "";
-	$page = implode('/',$page);
-	if (($questionmark = strripos($page, '?'))) {
-		$page = substr($page, 0, $questionmark);
-	}
-	$script = str_replace("..","",$script);
+	$page = implode('/', $page);
+
+	// protect against including arbitary files
+	$page = str_replace("..", "", $page);
+	
 	$callpath = $CONFIG->path . $handler . "/" . $page;
-	if (!file_exists($callpath) || is_dir($callpath) || substr_count($callpath,'.php') == 0) {
-			if (substr($callpath,strlen($callpath) - 1, 1) != "/") {
-				$callpath .= "/";
-			}
-			$callpath .= "index.php";
-			if (!include($callpath)) {
-				return false;
+	if (is_dir($callpath)) {
+		$callpath = sanitise_filepath($callpath);
+		$callpath .= "index.php";
+		if (file_exists($callpath)) {
+			if (include($callpath)) {
+				return TRUE;
 			}
-	} else {
+		}
+	} else if (file_exists($callpath)) {
 		include($callpath);
+		return TRUE;
 	}
-	return true;
-}
\ No newline at end of file
+	return FALSE;
+}
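Review bot: Dropping the old `substr_count($callpath,'.php')` guard means the new `else if (file_exists($callpath))` branch will `include()` any existing file under `$CONFIG->path . $handler`, whatever its extension, while the only traversal defence is `str_replace("..", "", $page)` on `$page`; `$handler` is concatenated into `$callpath` with no such treatment, and whether the caller sanitises it is not visible in this hunk. A containment check on the resolved path is more robust than stripping dots from one of the two URL-derived parts: resolve both the handler directory and the candidate with `realpath()`, refuse anything outside the base, and only include paths ending in `.php` so a stray `.txt` or uploaded file that happens to exist cannot be pulled through `include`. The sketch below replaces the lines from `$callpath = ...` to the end of the function; it assumes `sanitise_filepath()` (defined elsewhere) only normalises the trailing slash, and it drops the check on `include()`'s return value, which in the new code sends a file that returns 0 to `return FALSE`. The comment `// protect against including arbitary files` should also read `arbitrary`.
```php
	// resolve both ends so symlinks and any surviving dot segments are normalised;
	// realpath() returns false when the path does not exist, which is also a miss
	$base = realpath($CONFIG->path . $handler);
	$callpath = ($base === false) ? false : realpath($base . "/" . $page);
	if ($callpath === false || strpos($callpath . "/", $base . "/") !== 0) {
		return FALSE;	// nothing there, or outside the handler directory
	}
	if (is_dir($callpath)) {
		$callpath = sanitise_filepath($callpath) . "index.php";
	}
	// only ever include PHP sources, never arbitrary files that happen to exist
	if (substr($callpath, -4) !== '.php' || !file_exists($callpath)) {
		return FALSE;
	}
	include($callpath);
	return TRUE;
```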
