summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--index.php2
1 files changed, 1 insertions, 1 deletions
diff --git a/index.php b/index.php
index 53fd1bfe6..514146c78 100644
--- a/index.php
+++ b/index.php
@@ -24,7 +24,7 @@ require_once(INSTALLDIR . "/lib/common.php");
$action = $_REQUEST['action'];
-if (!$action) {
+if (!$action || !preg_match('/^[a-zA-Z0-9_-]*$/', $action)) {
common_redirect(common_local_url('public'));
}