diff --git a/inc/actions.php b/inc/actions.php
index 0c35bc88c4b5e792434ce1aeeb6564709ab6e020..2137d6b504fa26d20ab07ce5af8337455f7e5ca2 100644
--- a/inc/actions.php
+++ b/inc/actions.php
@@ -31,7 +31,7 @@ function act_dispatch(){
     if ($evt->advise_before()) {
 
         //sanitize $ACT
-        $ACT = act_clean($ACT);
+        $ACT = act_validate($ACT);
 
         //check if searchword was given - else just show
         $s = cleanID($QUERY);
@@ -184,8 +184,6 @@ function act_sendheaders($headers) {
 /**
  * Sanitize the action command
  *
- * Add all allowed commands here.
- *
  * @author Andreas Gohr <andi@splitbrain.org>
  */
 function act_clean($act){
@@ -206,6 +204,18 @@ function act_clean($act){
     if($act == 'export_htmlbody') $act = 'export_xhtmlbody';
 
     if($act === '') $act = 'show';
+    return $act;
+}
+
+/**
+ * Sanitize and validate action commands.
+ *
+ * Add all allowed commands here.
+ *
+ * @author Andreas Gohr <andi@splitbrain.org>
+ */
+function act_validate($act) {
+    $act = act_clean($act);
 
     // check if action is disabled
     if(!actionOK($act)){