X-Git-Url: https://git.heureux-cyclage.org/?a=blobdiff_plain;f=includes%2FAjaxDispatcher.php;h=f6c907513681de41803f365310fc46498facb83a;hb=dbffab3cf78e26965178f1f24d699b0ac7354532;hp=35b556df7bd9574f309f6aa21b0e9ef253faf4bc;hpb=5e3ecf6a4e98c4416a08411896f2fca975071327;p=lhc%2Fweb%2Fwiklou.git

diff --git a/includes/AjaxDispatcher.php b/includes/AjaxDispatcher.php
index 35b556df7b..f6c9075136 100644
--- a/includes/AjaxDispatcher.php
+++ b/includes/AjaxDispatcher.php
@@ -76,7 +76,7 @@ class AjaxDispatcher {
 
 		switch ( $this->mode ) {
 			case 'get':
-				$this->func_name = isset( $_GET["rs"] ) ? $_GET["rs"] : '';
+				$this->func_name = $_GET["rs"] ?? '';
 				if ( !empty( $_GET["rsargs"] ) ) {
 					$this->args = $_GET["rsargs"];
 				} else {
@@ -84,7 +84,7 @@ class AjaxDispatcher {
 				}
 				break;
 			case 'post':
-				$this->func_name = isset( $_POST["rs"] ) ? $_POST["rs"] : '';
+				$this->func_name = $_POST["rs"] ?? '';
 				if ( !empty( $_POST["rsargs"] ) ) {
 					$this->args = $_POST["rsargs"];
 				} else {
@@ -104,6 +104,9 @@ class AjaxDispatcher {
 	 * they should be carefully handled in the function processing the
 	 * request.
 	 *
+	 * phan-taint-check triggers as it is not smart enough to understand
+	 * the early return if func_name not in AjaxExportList.
+	 * @suppress SecurityCheck-XSS
 	 * @param User $user
 	 */
 	function performAction( User $user ) {