diff options
| author | Silvio Rhatto <rhatto@riseup.net> | 2014-03-14 21:25:01 -0300 |
|---|---|---|
| committer | Silvio Rhatto <rhatto@riseup.net> | 2014-03-14 21:25:01 -0300 |
| commit | 3651c99a195685f3a868e159e72c4daf8cb371d3 (patch) | |
| tree | cb004dd7b6ca55215a2c20112fe0c5209d98c18e /mod/blog/start.php | |
| parent | 97e689213ff4e829f251af526ed4e796a3cc2b71 (diff) | |
| parent | c2707bb867ddb285af85d7a0e75db26ef692d68c (diff) | |
| download | elgg-3651c99a195685f3a868e159e72c4daf8cb371d3.tar.gz elgg-3651c99a195685f3a868e159e72c4daf8cb371d3.tar.bz2 | |
Merge branch 'master' into saravea
Conflicts:
mod/blog/views/default/blog/sidebar/archives.php
Diffstat (limited to 'mod/blog/start.php')
| -rw-r--r-- | mod/blog/start.php | 15 |
1 files changed, 14 insertions, 1 deletions
diff --git a/mod/blog/start.php b/mod/blog/start.php index 25cd81935..e724b91c2 100644 --- a/mod/blog/start.php +++ b/mod/blog/start.php @@ -113,14 +113,23 @@ function blog_page_handler($page) { switch ($page_type) { case 'owner': $user = get_user_by_username($page[1]); + if (!$user) { + forward('', '404'); + } $params = blog_get_page_content_list($user->guid); break; case 'friends': $user = get_user_by_username($page[1]); + if (!$user) { + forward('', '404'); + } $params = blog_get_page_content_friends($user->guid); break; case 'archive': $user = get_user_by_username($page[1]); + if (!$user) { + forward('', '404'); + } $params = blog_get_page_content_archive($user->guid, $page[2], $page[3]); break; case 'view': @@ -139,7 +148,11 @@ function blog_page_handler($page) { $params = blog_get_page_content_edit($page_type, $page[1], $page[2]); break; case 'group': - if ($page[2] == 'all') { + $group = get_entity($page[1]); + if (!elgg_instanceof($group, 'group')) { + forward('', '404'); + } + if (!isset($page[2]) || $page[2] == 'all') { $params = blog_get_page_content_list($page[1]); } else { $params = blog_get_page_content_archive($page[1], $page[3], $page[4]); |