From dd273283900409da66ecc4e9ae5a188d5c2db605 Mon Sep 17 00:00:00 2001
From: friendica
Date: Tue, 1 May 2012 23:15:39 -0700
Subject: [PATCH] perform basic validation

---
 boot.php | 9 ++++++---
 include/gprobe.php | 3 +++
 2 files changed, 9 insertions(+), 3 deletions(-)

diff --git a/boot.php b/boot.php
index e1687030d5..ed083d6177 100644
--- a/boot.php
+++ b/boot.php
@@ -1520,9 +1520,12 @@ function get_my_url() {
 }
 
 function zrl_init(&$a) {
- proc_run('php','include/gprobe.php',bin2hex(get_my_url()));
- $arr = array('zrl' => get_my_url(), 'url' => $a->cmd);
- call_hooks('zrl_init',$arr);
+ $tmp_str = get_my_url();
+ if(validate_url($tmp_str)) {
+ proc_run('php','include/gprobe.php',bin2hex($tmp_str));
+ $arr = array('zrl' => $tmp_str, 'url' => $a->cmd);
+ call_hooks('zrl_init',$arr);
+ }
 }
 
 function zrl($s,$force = false) {
diff --git a/include/gprobe.php b/include/gprobe.php
index 5ca42729a7..b4edbe4dba 100644
--- a/include/gprobe.php
+++ b/include/gprobe.php
@@ -33,6 +33,9 @@ function gprobe_run($argv, $argc){
 
 $url = hex2bin($argv[1]);
 
+ if(! validate_url($url))
+ return;
+
 $r = q("select * from gcontact where nurl = '%s' limit 1",
 dbesc(normalise_link($url))
 );
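Review bot: The new guard in zrl_init() depends entirely on validate_url(), which is defined outside this diff, so the hunk does not show whether an accepted value can still use a non-HTTP scheme or name a loopback or private-range host. The value is then handed to a background `include/gprobe.php` process that presumably contacts that URL, so it is worth confirming validate_url() rejects those cases, or adding that restriction before `proc_run`. A comment above the guard would record why the `zrl_init` hooks no longer fire for rejected values, for example `// get_my_url() may be visitor-controlled: skip the probe and the zrl_init hooks unless it validates`. `$tmp_str` says nothing about its content; `$my_url` would read better.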
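Review bot: The early `return` in gprobe_run() discards a rejected argument without any trace, so repeated malformed or hostile probe requests would be invisible to whoever reviews the logs later. A log line before the return would fix that, with the logged value treated as untrusted (length-capped and never rendered unescaped). Separately, `hex2bin($argv[1])` on the line above may yield a non-string for malformed hex, and the hunk does not show how validate_url() handles that. Writing the guard as `if(! is_string($url) || ! validate_url($url)) return;` removes that dependency. The body of gprobe_run() begins before and continues past this hunk, so any earlier check on `$argv[1]` is not visible here.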