Bug #56965 - Allow redirect() to redirect across directories.

git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@10536 89ea8834-ac86-4346-8a33-228a782c2dd0

phpBB/docs/CHANGELOG.html

@@ -95,6 +95,7 @@
 		<li>[Fix] Take admin's time zone settings into account when listing database backup files. (Bug #57385)</li>
 		<li>[Fix] Honor minimum and maximum password length in generated passwords as much as we can. (Bug #13181)</li>
 		<li>[Fix] No longer return the character O in generated random strings and passwords. (Bug #57345)</li>
+		<li>[Fix] Allow redirect() function to redirect across directories. (Bug #56965)</li>
 		<li>[Feature] Support for Microsoft's Native SQL Server Driver for PHP (Bug #57055 - Patch by Chris Pucci at Microsoft)</li>
 	</ul>
 

phpBB/includes/functions.php

@@ -2336,6 +2336,19 @@ function redirect($url, $return = false, $disable_cd_check = false)
 		// Relative uri
 		$pathinfo = pathinfo($url);
 
+		if (!$disable_cd_check && !file_exists($pathinfo['dirname']))
+		{
+			$url = str_replace('../', '', $url);
+			$pathinfo = pathinfo($url);
+
+			if (!file_exists($pathinfo['dirname']))
+			{
+				// fallback to "last known user page"
+				$url = generate_board_url() . '/' . $user->page['page'];
+				break;
+			}
+		}
+
 		// Is the uri pointing to the current directory?
 		if ($pathinfo['dirname'] == '.')
 		{