dépôts / lhc / web / wiklou.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
'server' command from live
[lhc/web/wiklou.git] / redirect.php
diff --git a/redirect.php b/redirect.php
index 6b69aee..7c7aa3b 100644 (file)
--- a/redirect.php
+++ b/redirect.php
@@ -2,16 +2,21 @@
 unset( $DP );
 unset( $IP );
 $wgCommandLineMode = false;
+define( 'MEDIAWIKI', true );
+if ( isset( $_REQUEST['GLOBALS'] ) ) {
+       die( '<a href="http://www.hardened-php.net/index.76.html">$GLOBALS overwrite vulnerability</a>');
+}
 
-require_once( "./LocalSettings.php" );
+require_once( './includes/Defines.php' );
+require_once( './LocalSettings.php' );
 global $wgArticlePath;
 
-require_once( "WebRequest.php" );
+require_once( 'includes/WebRequest.php' );
 $wgRequest = new WebRequest();
 
-$page = $wgRequest->getVal( "wpDropdown" );
+$page = $wgRequest->getVal( 'wpDropdown' );
 
-$url = str_replace( "$1", $page, $wgArticlePath );
+$url = str_replace( "$1", urlencode( $page ), $wgArticlePath );
 
 header( "Location: {$url}" );
 ?>
Wiklou, le Wiki du Wiklou