makary/phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-06-27 21:58:52 +00:00
Code Issues Projects Releases Packages Wiki Activity

Added exit's after those header location redirects without them

Browse source 
git-svn-id: file:///svn/phpbb/branches/phpBB-2_0_0@2575 89ea8834-ac86-4346-8a33-228a782c2dd0
This commit is contained in:
Paul S. Owen 2002-05-13 13:18:18 +00:00
parent 64ab0a5a0d
commit 20748ac9d5
11 changed files with 42 additions and 9 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
phpBB/admin/admin_styles.php
View file

@ -52,7 +52,9 @@ if( empty($HTTP_POST_VARS['send_file']) )
if( $cancel ) if( $cancel )
{ {
header("Location: " . append_sid("admin_styles.$phpEx")); $header_location = ( @preg_match('/Microsoft|WebSTAR|Xitami/', getenv('SERVER_SOFTWARE')) ) ? 'Refresh: 0; URL=' : 'Location: ';
header($header_location . append_sid("admin_styles.$phpEx"));
exit;
} }
if( isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']) ) if( isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']) )

4
phpBB/admin/pagestart.php
View file

@ -39,7 +39,9 @@ init_userprefs($userdata);
// //
if( !$userdata['session_logged_in'] ) if( !$userdata['session_logged_in'] )
{ {
header("Location: ../" . append_sid("login.$phpEx?redirect=admin/")); $header_location = ( @preg_match('/Microsoft|WebSTAR|Xitami/', getenv('SERVER_SOFTWARE')) ) ? 'Refresh: 0; URL=' : 'Location: ';
header($header_location . '../' . append_sid("login.$phpEx?redirect=admin/"));
exit;
} }
else if( $userdata['user_level'] != ADMIN ) else if( $userdata['user_level'] != ADMIN )
{ {

13
phpBB/common.php
View file

@ -101,18 +101,19 @@ if( !get_magic_quotes_gpc() )
// malicious rewriting of language and otherarray values via // malicious rewriting of language and otherarray values via
// URI params // URI params
// //
$board_config = Array(); $board_config = array();
$userdata = Array(); $userdata = array();
$theme = Array(); $theme = array();
$images = Array(); $images = array();
$lang = Array(); $lang = array();
$gen_simple_header = FALSE; $gen_simple_header = FALSE;
@include($phpbb_root_path . 'config.'.$phpEx); include($phpbb_root_path . 'config.'.$phpEx);
if( !defined("PHPBB_INSTALLED") ) if( !defined("PHPBB_INSTALLED") )
{ {
header("Location: install.$phpEx"); header("Location: install.$phpEx");
exit;
} }
include($phpbb_root_path . 'includes/constants.'.$phpEx); include($phpbb_root_path . 'includes/constants.'.$phpEx);

6
phpBB/groupcp.php
View file

@ -159,6 +159,7 @@ if ( isset($HTTP_POST_VARS['groupstatus']) && $group_id )
if ( !$userdata['session_logged_in'] ) if ( !$userdata['session_logged_in'] )
{ {
header($header_location . append_sid("login.$phpEx?redirect=groupcp.$phpEx&" . POST_GROUPS_URL . "=$group_id", true)); header($header_location . append_sid("login.$phpEx?redirect=groupcp.$phpEx&" . POST_GROUPS_URL . "=$group_id", true));
exit;
} }
$sql = "SELECT group_moderator $sql = "SELECT group_moderator
@ -208,6 +209,7 @@ else if ( isset($HTTP_POST_VARS['joingroup']) && $group_id )
if ( !$userdata['session_logged_in'] ) if ( !$userdata['session_logged_in'] )
{ {
header($header_location . append_sid("login.$phpEx?redirect=groupcp.$phpEx&" . POST_GROUPS_URL . "=$group_id", true)); header($header_location . append_sid("login.$phpEx?redirect=groupcp.$phpEx&" . POST_GROUPS_URL . "=$group_id", true));
exit;
} }
$sql = "SELECT ug.user_id, g.group_type $sql = "SELECT ug.user_id, g.group_type
@ -309,10 +311,12 @@ else if ( isset($HTTP_POST_VARS['unsub']) || isset($HTTP_POST_VARS['unsubpending
if ( $cancel ) if ( $cancel )
{ {
header($header_location . append_sid("groupcp.$phpEx", true)); header($header_location . append_sid("groupcp.$phpEx", true));
exit;
} }
elseif ( !$userdata['session_logged_in'] ) elseif ( !$userdata['session_logged_in'] )
{ {
header($header_location . append_sid("login.$phpEx?redirect=groupcp.$phpEx&" . POST_GROUPS_URL . "=$group_id", true)); header($header_location . append_sid("login.$phpEx?redirect=groupcp.$phpEx&" . POST_GROUPS_URL . "=$group_id", true));
exit;
} }
if ( $confirm ) if ( $confirm )
@ -396,6 +400,7 @@ else if ( $group_id )
if ( !$userdata['session_logged_in'] ) if ( !$userdata['session_logged_in'] )
{ {
header($header_location . append_sid("login.$phpEx?redirect=groupcp.$phpEx&" . POST_GROUPS_URL . "=$group_id", true)); header($header_location . append_sid("login.$phpEx?redirect=groupcp.$phpEx&" . POST_GROUPS_URL . "=$group_id", true));
exit;
} }
} }
@ -457,6 +462,7 @@ else if ( $group_id )
if ( !$userdata['session_logged_in'] ) if ( !$userdata['session_logged_in'] )
{ {
header($header_location . append_sid("login.$phpEx?redirect=groupcp.$phpEx&" . POST_GROUPS_URL . "=$group_id", true)); header($header_location . append_sid("login.$phpEx?redirect=groupcp.$phpEx&" . POST_GROUPS_URL . "=$group_id", true));
exit;
} }
if ( !$is_moderator ) if ( !$is_moderator )

1
phpBB/install.php
View file

@ -344,6 +344,7 @@ else
else else
{ {
header("Location: " . append_sid("index.$phpEx", true)); header("Location: " . append_sid("index.$phpEx", true));
exit;
} }
} }

8
phpBB/login.php
View file

@ -67,6 +67,7 @@ if( isset($HTTP_POST_VARS['login']) || isset($HTTP_GET_VARS['login']) || isset($
if( $row['user_level'] != ADMIN && $board_config['board_disable'] ) if( $row['user_level'] != ADMIN && $board_config['board_disable'] )
{ {
header($header_location . append_sid("index.$phpEx", true)); header($header_location . append_sid("index.$phpEx", true));
exit;
} }
else else
{ {
@ -81,10 +82,12 @@ if( isset($HTTP_POST_VARS['login']) || isset($HTTP_GET_VARS['login']) || isset($
if( !empty($HTTP_POST_VARS['redirect']) ) if( !empty($HTTP_POST_VARS['redirect']) )
{ {
header($header_location . append_sid($HTTP_POST_VARS['redirect'], true)); header($header_location . append_sid($HTTP_POST_VARS['redirect'], true));
exit;
} }
else else
{ {
header($header_location . append_sid("index.$phpEx", true)); header($header_location . append_sid("index.$phpEx", true));
exit;
} }
} }
else else
@ -129,10 +132,12 @@ if( isset($HTTP_POST_VARS['login']) || isset($HTTP_GET_VARS['login']) || isset($
if( !empty($HTTP_POST_VARS['redirect']) ) if( !empty($HTTP_POST_VARS['redirect']) )
{ {
header($header_location . append_sid($HTTP_POST_VARS['redirect'], true)); header($header_location . append_sid($HTTP_POST_VARS['redirect'], true));
exit;
} }
else else
{ {
header($header_location . append_sid("index.$phpEx", true)); header($header_location . append_sid("index.$phpEx", true));
exit;
} }
} }
else else
@ -140,10 +145,12 @@ if( isset($HTTP_POST_VARS['login']) || isset($HTTP_GET_VARS['login']) || isset($
if( !empty($HTTP_POST_VARS['redirect']) ) if( !empty($HTTP_POST_VARS['redirect']) )
{ {
header($header_location . append_sid($HTTP_POST_VARS['redirect'], true)); header($header_location . append_sid($HTTP_POST_VARS['redirect'], true));
exit;
} }
else else
{ {
header($header_location . append_sid("index.$phpEx", true)); header($header_location . append_sid("index.$phpEx", true));
exit;
} }
} }
} }
@ -224,6 +231,7 @@ else
else else
{ {
header($header_location . append_sid("index.$phpEx", true)); header($header_location . append_sid("index.$phpEx", true));
exit;
} }
} }

1
phpBB/modcp.php
View file

@ -174,6 +174,7 @@ if ( isset($HTTP_POST_VARS['cancel']) )
$header_location = ( @preg_match('/Microsoft|WebSTAR|Xitami/', getenv('SERVER_SOFTWARE')) ) ? 'Refresh: 0; URL=' : 'Location: '; $header_location = ( @preg_match('/Microsoft|WebSTAR|Xitami/', getenv('SERVER_SOFTWARE')) ) ? 'Refresh: 0; URL=' : 'Location: ';
header($header_location . append_sid($redirect, true)); header($header_location . append_sid($redirect, true));
exit;
} }
// //

8
phpBB/privmsg.php
View file

@ -184,6 +184,7 @@ else if ( $mode == 'read' )
{ {
$header_location = ( @preg_match('/Microsoft|WebSTAR|Xitami/', getenv('SERVER_SOFTWARE')) ) ? 'Refresh: 0; URL=' : 'Location: '; $header_location = ( @preg_match('/Microsoft|WebSTAR|Xitami/', getenv('SERVER_SOFTWARE')) ) ? 'Refresh: 0; URL=' : 'Location: ';
header($header_location . append_sid("login.$phpEx?redirect=privmsg.$phpEx&folder=$folder&mode=$mode&" . POST_POST_URL . "=$privmsgs_id", true)); header($header_location . append_sid("login.$phpEx?redirect=privmsg.$phpEx&folder=$folder&mode=$mode&" . POST_POST_URL . "=$privmsgs_id", true));
exit;
} }
// //
@ -245,6 +246,7 @@ else if ( $mode == 'read' )
{ {
$header_location = ( @preg_match('/Microsoft|WebSTAR|Xitami/', getenv('SERVER_SOFTWARE')) ) ? 'Refresh: 0; URL=' : 'Location: '; $header_location = ( @preg_match('/Microsoft|WebSTAR|Xitami/', getenv('SERVER_SOFTWARE')) ) ? 'Refresh: 0; URL=' : 'Location: ';
header($header_location . append_sid("privmsg.$phpEx?folder=$folder", true)); header($header_location . append_sid("privmsg.$phpEx?folder=$folder", true));
exit;
} }
$privmsg_id = $privmsg['privmsgs_id']; $privmsg_id = $privmsg['privmsgs_id'];
@ -627,6 +629,7 @@ else if ( ( $delete && $mark_list ) || $delete_all )
{ {
$header_location = ( @preg_match('/Microsoft|WebSTAR|Xitami/', getenv('SERVER_SOFTWARE')) ) ? 'Refresh: 0; URL=' : 'Location: '; $header_location = ( @preg_match('/Microsoft|WebSTAR|Xitami/', getenv('SERVER_SOFTWARE')) ) ? 'Refresh: 0; URL=' : 'Location: ';
header($header_location . append_sid("login.$phpEx?redirect=privmsg.$phpEx&folder=inbox", true)); header($header_location . append_sid("login.$phpEx?redirect=privmsg.$phpEx&folder=inbox", true));
exit;
} }
if ( isset($mark_list) && !is_array($mark_list) ) if ( isset($mark_list) && !is_array($mark_list) )
{ {
@ -825,6 +828,7 @@ else if ( $save && $mark_list && $folder != 'savebox' && $folder != 'outbox' )
{ {
$header_location = ( @preg_match('/Microsoft|WebSTAR|Xitami/', getenv('SERVER_SOFTWARE')) ) ? 'Refresh: 0; URL=' : 'Location: '; $header_location = ( @preg_match('/Microsoft|WebSTAR|Xitami/', getenv('SERVER_SOFTWARE')) ) ? 'Refresh: 0; URL=' : 'Location: ';
header($header_location . append_sid("login.$phpEx?redirect=privmsg.$phpEx&folder=inbox", true)); header($header_location . append_sid("login.$phpEx?redirect=privmsg.$phpEx&folder=inbox", true));
exit;
} }
// //
@ -914,6 +918,7 @@ else if ( $submit || $refresh || $mode != '' )
$user_id = ( isset($HTTP_GET_VARS[POST_USERS_URL]) ) ? '&' . POST_USERS_URL . '=' . intval($HTTP_GET_VARS[POST_USERS_URL]) : ''; $user_id = ( isset($HTTP_GET_VARS[POST_USERS_URL]) ) ? '&' . POST_USERS_URL . '=' . intval($HTTP_GET_VARS[POST_USERS_URL]) : '';
$header_location = ( @preg_match('/Microsoft|WebSTAR|Xitami/', getenv('SERVER_SOFTWARE')) ) ? 'Refresh: 0; URL=' : 'Location: '; $header_location = ( @preg_match('/Microsoft|WebSTAR|Xitami/', getenv('SERVER_SOFTWARE')) ) ? 'Refresh: 0; URL=' : 'Location: ';
header($header_location . append_sid("login.$phpEx?redirect=privmsg.$phpEx&folder=$folder&mode=$mode" . $user_id, true)); header($header_location . append_sid("login.$phpEx?redirect=privmsg.$phpEx&folder=$folder&mode=$mode" . $user_id, true));
exit;
} }
// //
@ -1263,6 +1268,7 @@ else if ( $submit || $refresh || $mode != '' )
{ {
$header_location = ( @preg_match('/Microsoft|WebSTAR|Xitami/', getenv('SERVER_SOFTWARE')) ) ? 'Refresh: 0; URL=' : 'Location: '; $header_location = ( @preg_match('/Microsoft|WebSTAR|Xitami/', getenv('SERVER_SOFTWARE')) ) ? 'Refresh: 0; URL=' : 'Location: ';
header($header_location . append_sid("privmsg.$phpEx?folder=$folder", true)); header($header_location . append_sid("privmsg.$phpEx?folder=$folder", true));
exit;
} }
$privmsg_subject = $privmsg['privmsgs_subject']; $privmsg_subject = $privmsg['privmsgs_subject'];
@ -1302,6 +1308,7 @@ else if ( $submit || $refresh || $mode != '' )
{ {
$header_location = ( @preg_match('/Microsoft|WebSTAR|Xitami/', getenv('SERVER_SOFTWARE')) ) ? 'Refresh: 0; URL=' : 'Location: '; $header_location = ( @preg_match('/Microsoft|WebSTAR|Xitami/', getenv('SERVER_SOFTWARE')) ) ? 'Refresh: 0; URL=' : 'Location: ';
header($header_location . append_sid("privmsg.$phpEx?folder=$folder", true)); header($header_location . append_sid("privmsg.$phpEx?folder=$folder", true));
exit;
} }
$privmsg_subject = ( ( !preg_match('/^Re:/', $privmsg['privmsgs_subject']) ) ? 'Re: ' : '' ) . $privmsg['privmsgs_subject']; $privmsg_subject = ( ( !preg_match('/^Re:/', $privmsg['privmsgs_subject']) ) ? 'Re: ' : '' ) . $privmsg['privmsgs_subject'];
@ -1633,6 +1640,7 @@ if ( !$userdata['session_logged_in'] )
{ {
$header_location = ( @preg_match('/Microsoft|WebSTAR|Xitami/', getenv('SERVER_SOFTWARE')) ) ? 'Refresh: 0; URL=' : 'Location: '; $header_location = ( @preg_match('/Microsoft|WebSTAR|Xitami/', getenv('SERVER_SOFTWARE')) ) ? 'Refresh: 0; URL=' : 'Location: ';
header($header_location . append_sid("login.$phpEx?redirect=privmsg.$phpEx&folder=inbox", true)); header($header_location . append_sid("login.$phpEx?redirect=privmsg.$phpEx&folder=inbox", true));
exit;
} }
// //

3
phpBB/upgrade.php
View file

@ -37,7 +37,8 @@ if ( !defined('INSTALLING') )
if( defined("PHPBB_INSTALLED") ) if( defined("PHPBB_INSTALLED") )
{ {
header("Location: index.$phpEx"); $header_location = ( @preg_match('/Microsoft|WebSTAR|Xitami/', getenv('SERVER_SOFTWARE')) ) ? 'Refresh: 0; URL=' : 'Location: ';
header($header_location . " index.$phpEx");
exit; exit;
} }
} }

1
phpBB/viewforum.php
View file

@ -105,6 +105,7 @@ if ( !$is_auth['auth_read'] || !$is_auth['auth_view'] )
$redirect = POST_FORUM_URL . "=$forum_id" . ( ( isset($start) ) ? "&start=$start" : "" ); $redirect = POST_FORUM_URL . "=$forum_id" . ( ( isset($start) ) ? "&start=$start" : "" );
$header_location = ( @preg_match("/Microsoft|WebSTAR|Xitami/", getenv("SERVER_SOFTWARE")) ) ? "Refresh: 0; URL=" : "Location: "; $header_location = ( @preg_match("/Microsoft|WebSTAR|Xitami/", getenv("SERVER_SOFTWARE")) ) ? "Refresh: 0; URL=" : "Location: ";
header($header_location . append_sid("login.$phpEx?redirect=viewforum.$phpEx&$redirect", true)); header($header_location . append_sid("login.$phpEx?redirect=viewforum.$phpEx&$redirect", true));
exit;
} }
// //
// The user is not authed to read this forum ... // The user is not authed to read this forum ...

2
phpBB/viewtopic.php
View file

@ -182,6 +182,7 @@ if( !$is_auth['auth_view'] || !$is_auth['auth_read'] )
$redirect .= ( isset($start) ) ? "&start=$start" : ''; $redirect .= ( isset($start) ) ? "&start=$start" : '';
$header_location = ( @preg_match("/Microsoft|WebSTAR|Xitami/", getenv("SERVER_SOFTWARE")) ) ? "Refresh: 0; URL=" : "Location: "; $header_location = ( @preg_match("/Microsoft|WebSTAR|Xitami/", getenv("SERVER_SOFTWARE")) ) ? "Refresh: 0; URL=" : "Location: ";
header($header_location . append_sid("login.$phpEx?redirect=viewtopic.$phpEx&$redirect", true)); header($header_location . append_sid("login.$phpEx?redirect=viewtopic.$phpEx&$redirect", true));
exit;
} }
$message = ( !$is_auth['auth_view'] ) ? $lang['Topic_post_not_exist'] : sprintf($lang['Sorry_auth_read'], $is_auth['auth_read_type']); $message = ( !$is_auth['auth_view'] ) ? $lang['Topic_post_not_exist'] : sprintf($lang['Sorry_auth_read'], $is_auth['auth_read_type']);
@ -299,6 +300,7 @@ else
{ {
$header_location = ( @preg_match("/Microsoft|WebSTAR|Xitami/", getenv("SERVER_SOFTWARE")) ) ? "Refresh: 0; URL=" : "Location: "; $header_location = ( @preg_match("/Microsoft|WebSTAR|Xitami/", getenv("SERVER_SOFTWARE")) ) ? "Refresh: 0; URL=" : "Location: ";
header($header_location . append_sid("login.$phpEx?redirect=viewtopic.$phpEx&" . POST_TOPIC_URL . "=$topic_id&unwatch=topic", true)); header($header_location . append_sid("login.$phpEx?redirect=viewtopic.$phpEx&" . POST_TOPIC_URL . "=$topic_id&unwatch=topic", true));
exit;
} }
} }
else else