1berry/YOURLS
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

require instead of include for more security

Browse Source
This commit is contained in:
LeoColomb 2013-09-07 18:07:26 +02:00
parent 546057fc5a
commit ec29f2e6a6
1 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
yourls-loader.php
View File

@ -34,7 +34,7 @@ if( preg_match( "@^([$pattern]+)/?$@", $request, $matches ) ) {
$keyword = isset( $matches[1] ) ? $matches[1] : '';
$keyword = yourls_sanitize_keyword( $keyword );
yourls_do_action( 'load_template_go', $keyword );
include_once( YOURLS_ABSPATH.'/yourls-go.php' );
require_once( YOURLS_ABSPATH.'/yourls-go.php' );
exit;
}
@ -44,7 +44,7 @@ if( preg_match( "@^([$pattern]+)\+(all)?/?$@", $request, $matches ) ) {
$keyword = yourls_sanitize_keyword( $keyword );
$aggregate = isset( $matches[2] ) ? (bool)$matches[2] && yourls_allow_duplicate_longurls() : false;
yourls_do_action( 'load_template_infos', $keyword );
include_once( YOURLS_ABSPATH.'/yourls-infos.php' );
require_once( YOURLS_ABSPATH.'/yourls-infos.php' );
exit;
}
@ -59,4 +59,4 @@ if( preg_match( "@^[a-zA-Z]+://.+@", $request, $matches ) ) {
// Past this point this is a request the loader could not understand
yourls_do_action( 'loader_failed', $request );
yourls_redirect( YOURLS_SITE, 302 );
exit;
exit;