From aa26a71949f2b1379e79fe404530db638dbd1d94 Mon Sep 17 00:00:00 2001
From: slawkens <slawkens@gmail.com>
Date: Mon, 5 Jul 2021 02:51:45 +0200
Subject: [PATCH] Revert "Security fix"

This reverts commit ef2a4082980ef55f811803eff155c1d356465b26.
---
 index.php | 18 ++++++++----------
 1 file changed, 8 insertions(+), 10 deletions(-)

diff --git a/index.php b/index.php
index 4d716d18..4eda1eac 100644
--- a/index.php
+++ b/index.php
@@ -81,7 +81,7 @@ if(empty($uri) || isset($_REQUEST['template'])) {
 }
 else {
 	$tmp = strtolower($uri);
-	if(preg_match('/^[A-z0-9_\-]+$/', $uri) && file_exists(SYSTEM . 'pages/' . $tmp . '.php')) {
+	if(!preg_match('/[^A-z0-9_\-]/', $uri) && file_exists(SYSTEM . 'pages/' . $tmp . '.php')) {
 		$_REQUEST['p'] = $uri;
 		$found = true;
 	}
@@ -156,18 +156,16 @@ else {
 
 // define page visited, so it can be used within events system
 $page = isset($_REQUEST['subtopic']) ? $_REQUEST['subtopic'] : (isset($_REQUEST['p']) ? $_REQUEST['p'] : '');
-if(empty($page) || !preg_match('/^[A-z0-9_\-]+$/', $page)) {
-	if(!$found) {
-		$page = '404';
+if(empty($page) || !preg_match('/^[A-z0-9\_\-]+$/', $page)) {
+	$tmp = URI;
+	if(!empty($tmp)) {
+		$page = $tmp;
 	}
 	else {
-		$tmp = URI;
-		if (!empty($tmp)) {
-			$page = $tmp;
-		}
-		else {
+		if(!$found)
+			$page = '404';
+		else
 			$page = 'news';
-		}
 	}
 }