summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--inc/db.inc.php5
1 files changed, 4 insertions, 1 deletions
diff --git a/inc/db.inc.php b/inc/db.inc.php
index ed45f7b..7356076 100644
--- a/inc/db.inc.php
+++ b/inc/db.inc.php
@@ -1,7 +1,10 @@
<?php
$SESSION_DIR="/srv/postedit/sessions";
-$json = file_get_contents($SESSION_DIR."/".$_GET["key"]."/data.json");
+$key = $_GET["key"];
+if (preg_match('/^[a-z0-9]{4}$/', $key)) {
+ $json = file_get_contents($SESSION_DIR."/".$key."/data.json");
+}
$db = json_decode($json);
?>