From ec207d0a71ba2c15e7cdcb2b59acd93aaa011223 Mon Sep 17 00:00:00 2001
From: Marc Alexander <admin@m-a-styles.de>
Date: Sat, 11 Apr 2015 16:48:57 +0200
Subject: [PATCH] [ticket/security-180] Merge if statement with previous one in
 3.1.x

SECURITY-180
---
 phpBB/includes/functions.php | 8 +-------
 1 file changed, 1 insertion(+), 7 deletions(-)

diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php
index 0cf1ab0f24..fcfed8b2a4 100644
--- a/phpBB/includes/functions.php
+++ b/phpBB/includes/functions.php
@@ -2347,15 +2347,9 @@ function redirect($url, $return = false, $disable_cd_check = false)
 	// Clean URL and check if we go outside the forum directory
 	$url = $phpbb_path_helper->clean_url($url);
 
-	if (!$disable_cd_check && strpos($url, generate_board_url(true)) === false)
-	{
-		trigger_error('INSECURE_REDIRECT', E_USER_ERROR);
-	}
-
-	// Make sure we don't redirect to external URLs
 	if (!$disable_cd_check && strpos($url, generate_board_url(true) . '/') !== 0)
 	{
-		trigger_error('Tried to redirect to potentially insecure url.', E_USER_ERROR);
+		trigger_error('INSECURE_REDIRECT', E_USER_ERROR);
 	}
 
 	// Make sure no linebreaks are there... to prevent http response splitting for PHP < 4.4.2