From: garvinhicking <garvinhicking>
Date: Tue, 5 Jun 2007 11:44:34 +0000 (+0000)
Subject: Ensure not using 'online_repository' as pluginPath
X-Git-Url: http://git.mjollnir.org/gw?a=commitdiff_plain;h=9e7c66905df683f0643749191fbe8c170e0f1fda;p=s9y.git

Ensure not using 'online_repository' as pluginPath
---

diff --git a/include/plugin_api.inc.php b/include/plugin_api.inc.php
index 3ba4a56..9dd2d64 100644
--- a/include/plugin_api.inc.php
+++ b/include/plugin_api.inc.php
@@ -111,6 +111,10 @@ class serendipity_plugin_api {
         // Secure Plugin path. No leading slashes, no backslashes, no "up" directories
         $pluginPath = preg_replace('@^(/)@', '', $pluginPath);
         $pluginPath = str_replace(array('..', "\\"), array('', '/'), serendipity_db_escape_string($pluginPath));
+        
+        if ($pluginPath == 'online_repository') {
+            $pluginPath = $key;
+        }
 
         $rs = serendipity_db_query("SELECT MAX(sort_order) as sort_order_max FROM {$serendipity['dbPrefix']}plugins WHERE placement = '$default_placement'", true, 'num');