perform basic validation

author: friendica <info@friendica.com> 2012-05-01 23:15:39 -0700
committer: friendica <info@friendica.com> 2012-05-01 23:15:39 -0700
commit: dd273283900409da66ecc4e9ae5a188d5c2db605 (patch)
tree: a28ee643d31a726df8249162e179d7fea0c0bfd6
parent: becdb1f5085f2561b8b0acebbdbf43e4a81d50da (diff)
download: volse-hubzilla-dd273283900409da66ecc4e9ae5a188d5c2db605.tar.gz
volse-hubzilla-dd273283900409da66ecc4e9ae5a188d5c2db605.tar.bz2
volse-hubzilla-dd273283900409da66ecc4e9ae5a188d5c2db605.zip
2 files changed, 9 insertions, 3 deletions
diff --git a/boot.php b/boot.php
index e1687030d..ed083d617 100644
--- a/boot.php
+++ b/boot.php
@@ -1520,9 +1520,12 @@ function get_my_url() {
 }
 
 function zrl_init(&$a) {
-	proc_run('php','include/gprobe.php',bin2hex(get_my_url()));
-	$arr = array('zrl' => get_my_url(), 'url' => $a->cmd);
-	call_hooks('zrl_init',$arr);
+	$tmp_str = get_my_url();
+	if(validate_url($tmp_str)) {
+		proc_run('php','include/gprobe.php',bin2hex($tmp_str));
+		$arr = array('zrl' => $tmp_str, 'url' => $a->cmd);
+		call_hooks('zrl_init',$arr);
+	}
 }
 
 function zrl($s,$force = false) {
diff --git a/include/gprobe.php b/include/gprobe.php
index 5ca42729a..b4edbe4db 100644
--- a/include/gprobe.php
+++ b/include/gprobe.php
@@ -33,6 +33,9 @@ function gprobe_run($argv, $argc){
 
 	$url = hex2bin($argv[1]);
 
+	if(! validate_url($url))
+		return;
+
 	$r = q("select * from gcontact where nurl = '%s' limit 1",
 		dbesc(normalise_link($url))
 	);
author	friendica <info@friendica.com>	2012-05-01 23:15:39 -0700
committer	friendica <info@friendica.com>	2012-05-01 23:15:39 -0700
commit	dd273283900409da66ecc4e9ae5a188d5c2db605 (patch)
tree	a28ee643d31a726df8249162e179d7fea0c0bfd6
parent	becdb1f5085f2561b8b0acebbdbf43e4a81d50da (diff)
download	volse-hubzilla-dd273283900409da66ecc4e9ae5a188d5c2db605.tar.gz volse-hubzilla-dd273283900409da66ecc4e9ae5a188d5c2db605.tar.bz2 volse-hubzilla-dd273283900409da66ecc4e9ae5a188d5c2db605.zip