makary/phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-06-28 06:08:52 +00:00
Code Issues Projects Releases Packages Wiki Activity

slightly different redirect function (now hopefully able to handle all sorts of uris)

Browse source 
git-svn-id: file:///svn/phpbb/trunk@5626 89ea8834-ac86-4346-8a33-228a782c2dd0
This commit is contained in:
Meik Sievertsen 2006-03-14 13:29:12 +00:00
parent 148f259bde
commit 0572b6efbf
1 changed files with 54 additions and 12 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

64
phpBB/includes/functions.php
View file

@ -1095,8 +1095,9 @@ function on_page($num_items, $per_page, $start)
/** /**
* Generate board url (example: http://www.foo.bar/phpBB) * Generate board url (example: http://www.foo.bar/phpBB)
* @param bool $without_script_path if set to true the script path gets not appended (example: http://www.foo.bar)
*/ */
function generate_board_url() function generate_board_url($without_script_path = false)
{ {
global $config, $user; global $config, $user;
@ -1120,15 +1121,16 @@ function generate_board_url()
$url .= ':' . $server_port; $url .= ':' . $server_port;
} }
$url .= $user->page['root_script_path']; if ($without_script_path)
{
return $url; return $url;
} }
return $url . $user->page['root_script_path'];
}
/** /**
* Redirects the user to another page then exits the script nicely * Redirects the user to another page then exits the script nicely
* Do not prepend url with $phpbb_root_path
* If not prefixed by / or full url given the board url will be prefixed
*/ */
function redirect($url) function redirect($url)
{ {
@ -1147,18 +1149,58 @@ function redirect($url)
// Make sure no &'s are in, this will break the redirect // Make sure no &'s are in, this will break the redirect
$url = str_replace('&', '&', $url); $url = str_replace('&', '&', $url);
// If relative path, prepend board url
if (strpos($url, '://') === false && $url{0} != '/')
{
$url = generate_board_url() . '/' . $url;
}
// Make sure no linebreaks are there... to prevent http response splitting for PHP < 4.4.2 // Make sure no linebreaks are there... to prevent http response splitting for PHP < 4.4.2
if (strpos(urldecode($url), "\n") !== false || strpos(urldecode($url), "\r") !== false) if (strpos(urldecode($url), "\n") !== false || strpos(urldecode($url), "\r") !== false)
{ {
trigger_error('Tried to redirect to potentially insecure url.', E_USER_ERROR); trigger_error('Tried to redirect to potentially insecure url.', E_USER_ERROR);
} }
// Determine which type of redirect we need to handle...
$url_parts = parse_url($url);
if ($url_parts === false)
{
// Malformed url, redirect to current page...
$url = generate_board_url() . '/' . $user->page['page'];
}
else if (!empty($url_parts['scheme']) && !empty($url_parts['host']))
{
// Full URL
}
else if ($url{0} == '/')
{
// Absolute uri, prepend direct url...
$url = generate_board_url_2(true) . $url;
}
else
{
// Relative uri
$pathinfo = pathinfo($url);
// Is the uri pointing to the current directory?
if ($pathinfo['dirname'] == '.')
{
$url = generate_board_url() . '/' . $user->page['page_dir'] . '/' . str_replace('./', '', $url);
}
else
{
$url = str_replace($pathinfo['dirname'] . '/', '', $url);
// Make sure we point to the correct directory, we transform the relative uri to an absolute uri...
$substract_path = str_replace(realpath($pathinfo['dirname']), '', realpath('./'));
$dir = str_replace($substract_path, '', $user->page['script_path']);
if (!$dir)
{
$url = '/' . $url;
}
else
{
$url = (strpos($dir, '/') !== 0) ? '/' . $dir . '/' . $url : $dir . '/' . $url;
}
}
}
// Redirect via an HTML form for PITA webservers // Redirect via an HTML form for PITA webservers
if (@preg_match('#Microsoft|WebSTAR|Xitami#', getenv('SERVER_SOFTWARE'))) if (@preg_match('#Microsoft|WebSTAR|Xitami#', getenv('SERVER_SOFTWARE')))
{ {