From 9cb42980ca8eb8c3480f1b6b82606a9042d8f45b Mon Sep 17 00:00:00 2001
From: "Paul S. Owen" <psotfx@users.sourceforge.net>
Date: Mon, 1 Mar 2004 16:53:21 +0000
Subject: [PATCH] Issue noticed by Pit ... please check before release

git-svn-id: file:///svn/phpbb/branches/phpBB-2_0_0@4853 89ea8834-ac86-4346-8a33-228a782c2dd0
---
 phpBB/login.php | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/phpBB/login.php b/phpBB/login.php
index 218025d9d1..f1183d17d5 100644
--- a/phpBB/login.php
+++ b/phpBB/login.php
@@ -83,7 +83,7 @@ if( isset($HTTP_POST_VARS['login']) || isset($HTTP_GET_VARS['login']) || isset($
 
 					if( $session_id )
 					{
-						$url = ( !empty($HTTP_POST_VARS['redirect']) ) ? $HTTP_POST_VARS['redirect'] : "index.$phpEx";
+						$url = ( !empty($HTTP_POST_VARS['redirect']) ) ? htmlspecialchars($HTTP_POST_VARS['redirect']) : "index.$phpEx";
 						redirect(append_sid($url, true));
 					}
 					else
@@ -93,7 +93,7 @@ if( isset($HTTP_POST_VARS['login']) || isset($HTTP_GET_VARS['login']) || isset($
 				}
 				else
 				{
-					$redirect = ( !empty($HTTP_POST_VARS['redirect']) ) ? $HTTP_POST_VARS['redirect'] : '';
+					$redirect = ( !empty($HTTP_POST_VARS['redirect']) ) ? htmlspecialchars($HTTP_POST_VARS['redirect']) : '';
 					$redirect = str_replace('?', '&', $redirect);
 
 					$template->assign_vars(array(
@@ -108,7 +108,7 @@ if( isset($HTTP_POST_VARS['login']) || isset($HTTP_GET_VARS['login']) || isset($
 		}
 		else
 		{
-			$redirect = ( !empty($HTTP_POST_VARS['redirect']) ) ? $HTTP_POST_VARS['redirect'] : "";
+			$redirect = ( !empty($HTTP_POST_VARS['redirect']) ) ? htmlspecialchars($HTTP_POST_VARS['redirect']) : "";
 			$redirect = str_replace("?", "&", $redirect);
 
 			$template->assign_vars(array(
@@ -129,7 +129,7 @@ if( isset($HTTP_POST_VARS['login']) || isset($HTTP_GET_VARS['login']) || isset($
 
 		if (!empty($HTTP_POST_VARS['redirect']) || !empty($HTTP_GET_VARS['redirect']))
 		{
-			$url = (!empty($HTTP_POST_VARS['redirect'])) ? $HTTP_POST_VARS['redirect'] : $HTTP_GET_VARS['redirect'];
+			$url = (!empty($HTTP_POST_VARS['redirect'])) ? htmlspecialchars($HTTP_POST_VARS['redirect']) : htmlspecialchars($HTTP_GET_VARS['redirect']);
 			redirect(append_sid($url, true));
 		}
 		else
@@ -139,7 +139,7 @@ if( isset($HTTP_POST_VARS['login']) || isset($HTTP_GET_VARS['login']) || isset($
 	}
 	else
 	{
-		$url = ( !empty($HTTP_POST_VARS['redirect']) ) ? $HTTP_POST_VARS['redirect'] : "index.$phpEx";
+		$url = ( !empty($HTTP_POST_VARS['redirect']) ) ? htmlspecialchars($HTTP_POST_VARS['redirect']) : "index.$phpEx";
 		redirect(append_sid($url, true));
 	}
 }