diff options
Diffstat (limited to 'phpBB/includes/session.php')
| -rw-r--r-- | phpBB/includes/session.php | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/phpBB/includes/session.php b/phpBB/includes/session.php index 09a52feb1f..079d7b9f07 100644 --- a/phpBB/includes/session.php +++ b/phpBB/includes/session.php @@ -64,7 +64,8 @@ class session $query_string = trim(implode('&', $args)); // basenamed page name (for example: index.php) - $page_name = htmlspecialchars(basename($script_name)); + $page_name = basename($script_name); + $page_name = urlencode(htmlspecialchars($page_name)); // current directory within the phpBB root (for example: adm) $root_dirs = explode('/', str_replace('\\', '/', phpbb_realpath($root_path))); @@ -112,6 +113,11 @@ class session 'page' => $page ); + if (!file_exists($page_name)) + { + trigger_error('You are on a page that does not exist!', E_USER_ERROR); + } + return $page_array; } |