Is it secure?
Posted: Tue Aug 24, 2010 12:14 am
Code: Select all
function requestFilter( $value = null, $filter = 'integer', $specialcharacters = "" ){
switch($filter){
default:
case 'integer':
$value = intval($value);
break;
case 'latin':
$value = preg_replace('#[^a-zA-Z'.$specialcharacters.']#', '', $value);
break;
}
return $value;
}
$admin_modules = array("users", "products", "category", "pages", "shipping", "ordering");
$module = isset($_REQUEST['module']) && !empty($_REQUEST['module']) && in_array($_REQUEST['module'], $admin_modules) ? requestFilter($_REQUEST['module'], "latin") : null;
if(!is_null($module)){
switch($module){
case "users":
case "products":
case "category":
case "pages":
case "shipping":
case "orders":
require_once("modules/".$module.".php");
break;
}
}