Split act_clean() into two functions so that plugins may use action

string sanitization even for their own new actions

Split act_clean() into two functions so that plugins may use action
string sanitization even for their own new actions
62baad0f · Martin Doucha · Andreas Gohr · f1d7655b · 62baad0f
Commit 62baad0f authored 12 years ago by Martin Doucha Committed by Andreas Gohr 12 years ago
--- a/inc/actions.php
+++ b/inc/actions.php
@@ -31,7 +31,7 @@ function act_dispatch(){
    if ($evt->advise_before()) {

        //sanitize $ACT
-        $ACT = act_clean($ACT);
+        $ACT = act_validate($ACT);

        //check if searchword was given - else just show
        $s = cleanID($QUERY);
@@ -184,8 +184,6 @@ function act_sendheaders($headers) {
 /**
 * Sanitize the action command
 *
- * Add all allowed commands here.
- *
 * @author Andreas Gohr <andi@splitbrain.org>
 */
 function act_clean($act){
@@ -206,6 +204,18 @@ function act_clean($act){
    if($act == 'export_htmlbody') $act = 'export_xhtmlbody';

    if($act === '') $act = 'show';
+    return $act;
+}
+
+/**
+ * Sanitize and validate action commands.
+ *
+ * Add all allowed commands here.
+ *
+ * @author Andreas Gohr <andi@splitbrain.org>
+ */
+function act_validate($act) {
+    $act = act_clean($act);

    // check if action is disabled
    if(!actionOK($act)){