From 14d32cc29e47a4e84b98a3492befe7e9a2507ea1 Mon Sep 17 00:00:00 2001
From: "Paula V. Quispe"
Date: Wed, 8 Apr 2015 15:50:55 -0400
Subject: [PATCH] I correct High - Code Injection(7 flaws) (8 April Report)

---
 workflow/public_html/sysGeneric.php | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/workflow/public_html/sysGeneric.php b/workflow/public_html/sysGeneric.php
index 908fd1988..e93105a23 100755
--- a/workflow/public_html/sysGeneric.php
+++ b/workflow/public_html/sysGeneric.php
@@ -373,6 +373,10 @@ $virtualURITable['/skins/(*)'] = PATH_HTML . 'skins/'; //ugly
 $virtualURITable['/images/(*)'] = PATH_HTML . 'images/'; //ugly
 $virtualURITable['/[a-zA-Z][a-zA-Z0-9]{0,}/'] = 'errorFile';
 
+//Load filter class
+G::LoadSystem('inputfilter');
+$filter = new InputFilter();
+
 // Verify if we need to redirect or stream the file, if G:VirtualURI returns true means we are going to redirect the page
 if (Bootstrap::virtualURI( $_SERVER['REQUEST_URI'], $virtualURITable, $realPath )) {
 // review if the file requested belongs to public_html plugin
@@ -726,10 +730,6 @@ $bWE = false;
 $isControllerCall = false;
 $isPluginController = false;
 
-//Load filter class
-G::LoadSystem('inputfilter');
-$filter = new InputFilter();
-
 if (substr( SYS_COLLECTION, 0, 8 ) === 'gulliver') {
 $phpFile = PATH_GULLIVER_HOME . 'methods/' . substr( SYS_COLLECTION, 8 ) . SYS_TARGET . '.php';
 } else {
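Review bot: In the first hunk (new lines 376-378) the relocated `$filter = new InputFilter();` is not applied to anything on the lines this patch shows, and `$_SERVER['REQUEST_URI']` still reaches `Bootstrap::virtualURI()` unfiltered, so the code-injection fix named in the subject cannot be confirmed from the diff alone. Presumably the move exists so that code inside the `if (Bootstrap::virtualURI(...))` branch, whose body continues outside the hunk, can use `$filter` before its old location near line 726. If so, the comment should record that ordering dependency, e.g. `// Load InputFilter before the virtual-URI dispatch below; that branch needs $filter`. Whatever path that branch streams or includes from `$realPath` should also be checked to resolve inside the mapped directory (`PATH_HTML . 'skins/'`, `PATH_HTML . 'images/'`) rather than relying on string filtering alone.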