diff --git a/functions.php b/functions.php
index c9c8f15..086b98f 100644
--- a/functions.php
+++ b/functions.php
@@ -63,17 +63,29 @@ function set_title($title) {
parse_str($urlargs, $args);
$newtitle = $title;
if ($args['arch']) {
- $newtitle = $args['arch'] . " - " . $newtitle;
+ if (preg_match('/^[a-zA-Z0-9._]*$/', $args['arch'])) {
+ $newtitle = urlencode($args['arch']) . " - " . $newtitle;
+ } else {
+ $newtitle = " Invalid request - " . $newtitle;
+ }
}
if ($args['tag']) {
- $newtitle = $args['tag'] . " - " . $newtitle;
+ if (preg_match('/^[a-zA-Z0-9._-]*$/', $args['tag'])) {
+ $newtitle = urlencode($args['tag']) . " - " . $newtitle;
+ } else {
+ $newtitle = " Invalid request - " . $newtitle;
+ }
}
if ($args['pkg']) {
if ($args['pkg'] == '_index')
$newtitle = 'Index - ' . $newtitle;
else {
- $e = explode('.', $args['pkg']);
- $newtitle = $e[0] . " - " . $e[1] . " - " . $newtitle;
+ if (preg_match('/^[a-zA-Z0-9._+-]*$/', $args['pkg'])) {
+ $e = explode('.', urlencode($args['pkg']));
+ $newtitle = $e[0] . " - " . $e[1] . " - " . $newtitle;
+ } else {
+ $newtitle = " Invalid request - " . $newtitle;
+ }
}
}
return $newtitle;
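Review bot: `urlencode()` is the wrong encoder for a page title, and on the `pkg` branch it works against the allow-list: `+` passes `/^[a-zA-Z0-9._+-]*$/` and is then shown as `%2B`. Assuming the title ends up in HTML, and that this is a WordPress theme as the `__()` calls elsewhere in the file suggest, escape for that context instead, e.g. `$newtitle = esc_html($args['arch']) . " - " . $newtitle;`, and likewise for `tag` and `pkg`. All three patterns end in `$`, which PCRE also matches before a trailing newline; `\z` (or the `D` modifier) makes the end anchor strict. `$e[1]` is still read without a check when `pkg` contains no dot, so `count($e) >= 2` should be tested first. The start of set_title is outside the hunk.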
@@ -267,10 +279,14 @@ function openmamba_distroquery_func() {
else
$outputlang = "en_US.UTF-8";
- $ret = "
";
- $ret .= "Loading, please wait...
";
- $ret .= "
";
- $ret .= "";
+ if (preg_match('/^[a-zA-Z0-9._\=\-\+\/\.\&\:]*$/', $urlargs)) {
+ $ret = "";
+ $ret .= "Loading, please wait...
";
+ $ret .= "
";
+ $ret .= "";
+ } else {
+ $ret = "" . __("Invalid request.", "responsive") . "
";
+ }
return $ret;
}
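Review bot: The allow-list `/^[a-zA-Z0-9._\=\-\+\/\.\&\:]*$/` is copied verbatim into this hunk and the two that follow (openmamba_distromatic_func and openmamba_showfile_func), so a later tightening can miss one copy. A single helper called from all three would keep them in step, e.g. `function openmamba_valid_urlargs($s) { return is_string($s) && preg_match('/^[a-zA-Z0-9._=+\/&:-]*\z/', $s) === 1; }`. That form also replaces `$`, which matches before a trailing newline, with `\z`, and drops the duplicated `.` and the unnecessary escapes. The markup that `$urlargs` is written into is not visible on this page. Because the class still admits `&`, `/` and `:`, the value should also be escaped for its output context (for example `esc_attr()` or `esc_url()`) rather than relying on the match alone.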
@@ -289,8 +305,12 @@ function openmamba_distromatic_func() {
else
$outputlang = "en_US.UTF-8";
- $ret = "" . __("Loading, please wait...", "responsive") . "
";
- $ret .= "";
+ if (preg_match('/^[a-zA-Z0-9._\=\-\+\/\.\&\:]*$/', $urlargs)) {
+ $ret = "" . __("Loading, please wait...", "responsive") . "
";
+ $ret .= "";
+ } else {
+ $ret = "" . __("Invalid request.", "responsive") . "
";
+ }
return $ret;
}
@@ -303,8 +323,12 @@ function openmamba_showfile_func() {
$urlargs = substr($_SERVER['REQUEST_URI'], $urlargspos + 1);
}
- $ret = "" . "Loading, please wait..." . "
";
- $ret .= "";
+ if (preg_match('/^[a-zA-Z0-9._\=\-\+\/\.\&\:]*$/', $urlargs)) {
+ $ret = "" . "Loading, please wait..." . "
";
+ $ret .= "";
+ } else {
+ $ret = "" . __("Invalid request.", "responsive") . "
";
+ }
return $ret;
}
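Review bot: `$urlargs` is assigned inside the `if` that closes just above the new check, so unless it is initialised above the hunk it is undefined when the request URI has no query part. `preg_match()` then receives null, which satisfies the `*` quantifier and takes the "Loading" branch (with a deprecation notice on PHP 8.1+). Initialising it before the `if` with `$urlargs = '';` makes that path explicit. The function starts outside the hunk.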
diff --git a/images/openmamba-256x256.png b/images/openmamba-256x256.png
index ea3478a..59ca8bb 100644
Binary files a/images/openmamba-256x256.png and b/images/openmamba-256x256.png differ
diff --git a/images/openmamba-64x64.png b/images/openmamba-64x64.png
old mode 100644
new mode 100755
index 6590caa..45ca7fa
Binary files a/images/openmamba-64x64.png and b/images/openmamba-64x64.png differ