commit d13d7939f50cc4088e1642b65794def354ec86ea
parent f6515d3ead26eeee276ce7d3376c6e0680b1b4fc
Author: Jan Dankert <devnull@localhost>
Date: Sat, 19 Nov 2011 13:50:21 +0100
Subaction-Konfiguration ignorieren: Prüfen, ob Methode im Controller vorhanden ist - falls nicht, einen HTTP-Fehler 404 erzeugen.
Diffstat:
1 file changed, 8 insertions(+), 2 deletions(-)
diff --git a/dispatcher.php b/dispatcher.php
@@ -210,7 +210,7 @@ $do->subActionName = $subaction;
$do->init();
-if ( !isset($do->actionConfig[$subaction]) )
+if ( !isset($do->actionConfig[$subaction]) && false )
{
Logger::warn( "Action $action has no configured method named $subaction");
Http::serverError("Action '$action' has no accessable method '$subaction'.");
@@ -218,7 +218,7 @@ if ( !isset($do->actionConfig[$subaction]) )
}
-$subactionConfig = $do->actionConfig[$subaction];
+$subactionConfig = @$do->actionConfig[$subaction];
// Eine Subaktion ohne "guest=true" verlangt einen angemeldeten Benutzer.
@@ -273,6 +273,12 @@ else
Logger::debug("Executing $actionClassName::$subactionMethodName");
+if ( ! method_exists($do,$subactionMethodName) )
+{
+ Http::sendStatus(404,"Method not found","Method '".$subactionMethodName."' does not exist in this context" );
+
+}
+
$do->$subactionMethodName();
if ( isset($do->actionConfig[$do->subActionName]['direct']) )