Forgot release note

[lhc/web/wiklou.git] / redirect.php

diff --git a/redirect.php b/redirect.php
index 2f50814..c0e8746 100644 (file)
--- a/redirect.php
+++ b/redirect.php
@@ -2,17 +2,22 @@
 unset( $DP );
 unset( $IP );
 $wgCommandLineMode = false;
-define( "MEDIAWIKI", true );
+define( 'MEDIAWIKI', true );
+if ( isset( $_REQUEST['GLOBALS'] ) ) {
+       echo '<a href="http://www.hardened-php.net/index.76.html">$GLOBALS overwrite vulnerability</a>';
+       die( -1 );
+}
 
-require_once( "./LocalSettings.php" );
+require_once( './includes/Defines.php' );
+require_once( './LocalSettings.php' );
 global $wgArticlePath;
 
-require_once( "includes/WebRequest.php" );
+require_once( 'includes/WebRequest.php' );
 $wgRequest = new WebRequest();
 
-$page = $wgRequest->getVal( "wpDropdown" );
+$page = $wgRequest->getVal( 'wpDropdown' );
 
-$url = str_replace( "$1", $page, $wgArticlePath );
+$url = str_replace( "$1", urlencode( $page ), $wgArticlePath );
 
 header( "Location: {$url}" );
 ?>