Merge pull request 'validate page parameter to be a local filename' (#58) from alexlehm/tilde.chat:validate-page-param into master
continuous-integration/drone/push Build is passing
Details
continuous-integration/drone/push Build is passing
Details
Reviewed-on: #58
This commit is contained in:
commit
bbfaf5b97a
|
@ -17,7 +17,17 @@ $additional_head = "
|
||||||
|
|
||||||
$parser = wiki::factory(true);
|
$parser = wiki::factory(true);
|
||||||
|
|
||||||
if (!isset($_GET["page"]) || !file_exists("pages/{$_GET['page']}.md")) {
|
if(isset($_GET["page"])) {
|
||||||
|
$page=$_GET["page"];
|
||||||
|
} else {
|
||||||
|
$page="";
|
||||||
|
}
|
||||||
|
|
||||||
|
if(preg_match("/[^a-z0-9_-]/", $page)) {
|
||||||
|
$page="";
|
||||||
|
}
|
||||||
|
|
||||||
|
if ($page=="" || !file_exists("pages/$page.md")) {
|
||||||
|
|
||||||
$title = "tilde.chat~wiki";
|
$title = "tilde.chat~wiki";
|
||||||
$additional_head .= "
|
$additional_head .= "
|
||||||
|
@ -73,7 +83,7 @@ if (!isset($_GET["page"]) || !file_exists("pages/{$_GET['page']}.md")) {
|
||||||
|
|
||||||
} else {
|
} else {
|
||||||
|
|
||||||
$pg = $parser->parse(file_get_contents("pages/{$_GET["page"]}.md"));
|
$pg = $parser->parse(file_get_contents("pages/$page.md"));
|
||||||
$yml = $pg->getYAML();
|
$yml = $pg->getYAML();
|
||||||
$title = $yml['title'] . " | tilde.chat~wiki";
|
$title = $yml['title'] . " | tilde.chat~wiki";
|
||||||
$description = $yml['description'] ?? "tilde.chat wiki article {$yml['title']}";
|
$description = $yml['description'] ?? "tilde.chat wiki article {$yml['title']}";
|
||||||
|
@ -91,7 +101,7 @@ if (!isset($_GET["page"]) || !file_exists("pages/{$_GET['page']}.md")) {
|
||||||
<hr>
|
<hr>
|
||||||
<?=$pg->getContent()?>
|
<?=$pg->getContent()?>
|
||||||
<hr>
|
<hr>
|
||||||
<a href="https://tildegit.org/tildeverse/tilde.chat/src/branch/master/wiki/pages/<?=$_GET["page"]?>.md">
|
<a href="https://tildegit.org/tildeverse/tilde.chat/src/branch/master/wiki/pages/<?=$page?>.md">
|
||||||
<i class="fa fa-edit"></i> source
|
<i class="fa fa-edit"></i> source
|
||||||
</a>
|
</a>
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue