|
|
@@ -1,10 +1,17 @@
|
|
|
<?php
|
|
|
reset($_GET);
|
|
|
$function = (key($_GET) ? str_replace("/", "_", key($_GET)) : false);
|
|
|
+function validateData($data)
|
|
|
+{
|
|
|
+ $data = trim($data);
|
|
|
+ $data = stripslashes($data);
|
|
|
+ return htmlspecialchars($data);
|
|
|
+}
|
|
|
+
|
|
|
switch ($function) {
|
|
|
case 'v1_auth':
|
|
|
$group = ($_GET['group']) ?? 0;
|
|
|
- header('Location: v2/auth?group=' . $group);
|
|
|
+ header('Location: v2/auth?group=' . validateData($group));
|
|
|
exit;
|
|
|
default:
|
|
|
// Forward everything to v2 api
|
|
|
@@ -12,4 +19,4 @@ switch ($function) {
|
|
|
$result['statusText'] = "Please Use api/v2";
|
|
|
break;
|
|
|
}
|
|
|
-header('Location: v2/');
|
|
|
+header('Location: v2/');
|
CauseFX