validate page parameter to be a local filename
continuous-integration/drone/pr Build encountered an error
Details
continuous-integration/drone/pr Build encountered an error
Details
This commit is contained in:
parent
e5eb43ecc6
commit
c2ec0439df
|
@ -17,7 +17,17 @@ $additional_head = "
|
|||
|
||||
$parser = wiki::factory(true);
|
||||
|
||||
if (!isset($_GET["page"]) || !file_exists("pages/{$_GET['page']}.md")) {
|
||||
if(isset($_GET["page"])) {
|
||||
$page=$_GET["page"];
|
||||
} else {
|
||||
$page="";
|
||||
}
|
||||
|
||||
if(preg_match("/[^a-z0-9_-]/", $page)) {
|
||||
$page="";
|
||||
}
|
||||
|
||||
if ($page=="" || !file_exists("pages/$page.md")) {
|
||||
|
||||
$title = "tilde.chat~wiki";
|
||||
$additional_head .= "
|
||||
|
@ -73,7 +83,7 @@ if (!isset($_GET["page"]) || !file_exists("pages/{$_GET['page']}.md")) {
|
|||
|
||||
} else {
|
||||
|
||||
$pg = $parser->parse(file_get_contents("pages/{$_GET["page"]}.md"));
|
||||
$pg = $parser->parse(file_get_contents("pages/$page.md"));
|
||||
$yml = $pg->getYAML();
|
||||
$title = $yml['title'] . " | tilde.chat~wiki";
|
||||
$description = $yml['description'] ?? "tilde.chat wiki article {$yml['title']}";
|
||||
|
@ -91,7 +101,7 @@ if (!isset($_GET["page"]) || !file_exists("pages/{$_GET['page']}.md")) {
|
|||
<hr>
|
||||
<?=$pg->getContent()?>
|
||||
<hr>
|
||||
<a href="https://tildegit.org/tildeverse/tilde.chat/src/branch/master/wiki/pages/<?=$_GET["page"]?>.md">
|
||||
<a href="https://tildegit.org/tildeverse/tilde.chat/src/branch/master/wiki/pages/<?=$page?>.md">
|
||||
<i class="fa fa-edit"></i> source
|
||||
</a>
|
||||
|
||||
|
|
Loading…
Reference in New Issue