- if($action) {
- switch ($action) {
- case 'delExtSubProj':
- case 'addExtSubProj': {
- global $gfplugins;
- include($gfplugins.$pluginExtSubProj->name.'/actions/'.$action.'.php');
- break;
- }
- default: {
- $pluginExtSubProj->redirect($_SERVER['HTTP_REFERER'], 'error_msg', _('Unknown action.'));
- break;
- }
- }
+ $actions_whitelist_array = array('delExtSubProj',
+ 'addExtSubProj');
+ if (in_array($action, $actions_whitelist_array)) {
+ include($gfplugins.$pluginExtSubProj->name.'/actions/'.$action.'.php');