diff options
-rw-r--r-- | engine/lib/elgglib.php | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/engine/lib/elgglib.php b/engine/lib/elgglib.php index cd426309d..8999a9c96 100644 --- a/engine/lib/elgglib.php +++ b/engine/lib/elgglib.php @@ -173,10 +173,12 @@ function elgg_get_view_location($view, $viewtype = '') { * @param string $viewtype If set, forces the viewtype for the elgg_view call to be this value (default: standard detection) * @return string The HTML content */ -function elgg_view($view, $vars = array(), $bypass = false, $debug = false, $viewtype = '') { +function elgg_view(string $view, $vars = array(), $bypass = false, $debug = false, $viewtype = '') { global $CONFIG; static $usercache; + $view = (string)$view; + // basic checking for bad paths if (strpos($view, '..') !== false) { return false; |