added some security checks

doc/inlinedocparser.php

@@ -29,7 +29,7 @@
 		
     if ($fn)
     {
-				if (preg_match("/^class\.([a-zA-Z0-9-_]*)\.inc\.php+$/",$fn))
+				if (preg_match("/^class\.([a-zA-Z0-9-_]*)\.inc\.php+$/",$fn) || preg_match("/^functions\.inc\.php+$/",$fn))
 				{
 						$files[] = $fn;
 				}
@@ -44,7 +44,7 @@
         $d = dir('../'.$app.'/inc/');
         while ($x = $d->read())
         {
-            if (ereg('class',$x) && !ereg('#',$x) && ereg('php',$x))
+  					if (preg_match("/^class\.([a-zA-Z0-9-_]*)\.inc\.php+$/",$x) || preg_match("/^functions\.inc\.php+$/",$x))
             {
                 $files[] = $x;
             }
@@ -52,16 +52,6 @@
         $d->close;
 
 				reset($files);
-
-				while(list($key, $value) = each($files))
-				{
-						if (!preg_match("/^class\.([a-zA-Z0-9-_]*)\.inc\.php+$/",$value))
-						{
-								unset($files[$key]);
-						}
-				}
- 
-				reset($files);
 		}
 
     while (list($p,$fn) = each($files))
@@ -84,8 +74,10 @@
         {
             preg_match_all("#@(.*)$#sUi",$val[1],$data);
             $new = explode("@",$data[1][0]);
-
 						while (list($x,$y) = each($new))
+            {
+								if (!isset($object) || trim($new[0]) == $object)
+								//if (trim($new[0]) == $object)
 								{
 										$t = trim($new[0]);
 		                if(!$key)
@@ -117,6 +109,7 @@
 						        }
 								}
 						}
+        }
         echo '<br><pre>';
         print_r($elements);
 //        var_dump($elements);