summaryrefslogtreecommitdiff
path: root/gedcheck.php
diff options
context:
space:
mode:
authorLarry Meaney <larry_meaney@iname.com>2010-11-30 07:07:20 +0000
committerLarry Meaney <larry_meaney@iname.com>2010-11-30 07:07:20 +0000
commit8916174c4afcabb8e14fc4bad1cd7320f14a3080 (patch)
treeb398301f8e83153f7c39ec34064a9414a40cd643 /gedcheck.php
parentc3bc207f78fd093e832bc1eff4662fd4100fbe01 (diff)
downloadwebtrees-8916174c4afcabb8e14fc4bad1cd7320f14a3080.tar.gz
webtrees-8916174c4afcabb8e14fc4bad1cd7320f14a3080.tar.bz2
webtrees-8916174c4afcabb8e14fc4bad1cd7320f14a3080.zip
preg_quote the list of gedcoms when validating user input, in case any of the gedcoms have regex characters in their name
Diffstat (limited to 'gedcheck.php')
-rw-r--r--gedcheck.php2
1 files changed, 1 insertions, 1 deletions
diff --git a/gedcheck.php b/gedcheck.php
index 24f6482b0b..f16247553c 100644
--- a/gedcheck.php
+++ b/gedcheck.php
@@ -84,7 +84,7 @@ else {
$default_ged=$tmp[0]; // First gedcom in directory
}
-$ged =safe_POST('ged', array_keys($all_geds), $default_ged);
+$ged =safe_POST('ged', preg_quote_array(array_keys($all_geds)), $default_ged);
$err_level =safe_POST('err_level', '[0-3]', $critical); // Higher numbers are more picky.
$openinnew =safe_POST('openinnew', '[01]', '0'); // Open links in same/new tab/window
$context_lines=safe_POST('context_lines','[0-5]', '2'); // Lines of context to display