diff --git a/doc/inlinedocparser.php b/doc/inlinedocparser.php index 6046d606ce..bc196f56ec 100755 --- a/doc/inlinedocparser.php +++ b/doc/inlinedocparser.php @@ -14,14 +14,23 @@ $types = array('abstract','param','example','syntax','result','description','discussion','author','copyright','package','access'); - if(!$app) + if($app) + { + if (!preg_match("/^[a-zA-Z0-9-_]+$/i",$app)) + { + echo 'Invalid application
'; + exit; + } + } + else { $app = 'phpgwapi'; } if ($fn) { - if (preg_match("/^class\.[a-zA-Z0-9]\.inc\.php+$/i",$fn)){ + if (preg_match("/^class\.([a-zA-Z0-9-_]*)\.inc\.php+$/",$fn)) + { $files[] = $fn; } else @@ -46,11 +55,9 @@ while(list($key, $value) = each($files)) { - //echo '$key = '.$key.' and $value = '.$value.'
'; - if (!preg_match("/^class\.(.*)\.inc\.php+$/",$value)) + if (!preg_match("/^class\.([a-zA-Z0-9-_]*)\.inc\.php+$/",$value)) { unset($files[$key]); - //echo '#'.$key.' is bad, and should be unset
'; } }