diff -r ce6053bb48d8 -r ad5986a53197 includes/paths.php
--- a/includes/paths.php	Fri Jun 22 18:42:26 2007 -0400
+++ b/includes/paths.php	Sat Jun 23 09:55:58 2007 -0400
@@ -246,6 +246,9 @@
       }
     }
     
+    $this->page = sanitize_page_id($this->page);
+    $this->fullpage = sanitize_page_id($this->fullpage);
+    
     dc_here('paths: setting $paths->cpage');
     
     if(isset($this->pages[$this->page]))
@@ -296,8 +299,17 @@
     {
       dc_here('paths: page doesn\'t exist, creating new page in memory<br />our page ID is: '.$this->page);
       $this->page_exists = false;
+      $page_name = dirtify_page_id($this->page);
+      $page_name = str_replace('_', ' ', $page_name);
+      
+      $pid_cleaned = sanitize_page_id($this->page);
+      if ( $pid_cleaned != $this->page )
+      {
+        redirect($pid_cleaned, 'Sanitizer message', 'page id sanitized', 0);
+      }
+      
       $this->cpage = Array(
-        'name'=>str_replace('_', ' ', $this->page),
+        'name'=>$page_name,
         'urlname'=>$this->page,
         'namespace'=>'Article',
         'special'=>0,