diff options
Diffstat (limited to 'admin')
-rw-r--r-- | admin/plugin.php | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/admin/plugin.php b/admin/plugin.php index b636608ef..82939b35a 100644 --- a/admin/plugin.php +++ b/admin/plugin.php @@ -45,6 +45,12 @@ if (count($sections)<2) } $plugin_id = $sections[0]; + +if (!preg_match('/^\w+$/', $plugin_id)) +{ + die('Invalid plugin identifier'); +} + if ( !isset($pwg_loaded_plugins[$plugin_id]) ) { die('Invalid URL - plugin '.$plugin_id.' not active'); |