Continued:

- some spaces added
- removed parentheses as requested by @Hypolite
- added really important TODO as remote-inclusion is not what you want

Signed-off-by: Roland Haeder <roland@mxchange.org>
This commit is contained in:
Roland Häder 2017-03-24 21:08:03 +01:00
parent 0e19fdfc71
commit 084dbd6859
No known key found for this signature in database
GPG key ID: B72F8185C6C7BD78

View file

@ -511,7 +511,8 @@ if (!$template) {
$template = theme_include("default.php"); $template = theme_include("default.php");
} }
require_once($template); /// @TODO Looks unsafe (remote-inclusion), is maybe not but theme_include() uses file_exists() but does not escape anything
require_once $template;
if (!$a->is_backend()) { if (!$a->is_backend()) {
session_write_close(); session_write_close();