Commit 1d3bb40e authored by Clemens John's avatar Clemens John

Prevent execution from methods of classes required by runtime.php

Signed-off-by: Clemens John's avatarClemens John <clemens.john@floh1111.de>
parent ac046607
......@@ -5,7 +5,7 @@
class Api {
function __construct() {
if (isset($_REQUEST['class']) AND isset($_REQUEST['section'])) {
if(method_exists($_REQUEST['class'], $_REQUEST['section'])) {
if($_REQUEST['class'] == 'ApiMap' && method_exists($_REQUEST['class'], $_REQUEST['section'])) {
eval($_REQUEST['class']."::".$_REQUEST['section']."();");
} else {
echo "Class or section does not exist.";
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment