From 87ba018ab863eee36e721979384d29f223644c02 Mon Sep 17 00:00:00 2001
From: slawkens <slawkens@gmail.com>
Date: Tue, 10 Oct 2017 15:42:52 +0200
Subject: [PATCH] * some fix

---
 index.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/index.php b/index.php
index 1b028caf..f752073e 100644
--- a/index.php
+++ b/index.php
@@ -55,7 +55,7 @@ if(empty($uri) || isset($_REQUEST['template'])) {
 	$_REQUEST['p'] = 'news';
 	$found = true;
 }
-else if(file_exists(SYSTEM . 'pages/' . $uri . '.php')) {
+else if(!preg_match('/[^A-z0-9_\-]/', $uri) && file_exists(SYSTEM . 'pages/' . $uri . '.php')) {
 	$_REQUEST['p'] = $uri;
 	$found = true;
 }