diff options
| author | Alvaro Herrera | 2012-01-18 15:55:03 +0000 |
|---|---|---|
| committer | Alvaro Herrera | 2012-01-18 15:55:03 +0000 |
| commit | 0ef42c0c0334c7db41dbc126d397c7860ccc0f86 (patch) | |
| tree | 105c5e65687b473c549634e193d8b8d7b76a957a | |
| parent | b6c2dd2cc033a05442f6bd550df5624788971ea1 (diff) | |
reject messages with no @ in the ID
| -rw-r--r-- | archives/html/msgtxt.php | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/archives/html/msgtxt.php b/archives/html/msgtxt.php index 639c1dfd..1d2c792e 100644 --- a/archives/html/msgtxt.php +++ b/archives/html/msgtxt.php @@ -3,6 +3,12 @@ $id = $_GET["id"]; $id = str_replace("/", "_", $id); +if (strpos($id, "@") == FALSE) { + header("Status: 404 fucked up message-id"); + print("go away, you insensitive clod\n"); + exit; +} + $parts = split("@", $id, 2); header("Content-type: text/plain"); |