diff options
| author | Marc Alexander <admin@m-a-styles.de> | 2015-04-11 16:48:57 +0200 |
|---|---|---|
| committer | Andreas Fischer <bantu@phpbb.com> | 2015-04-28 22:08:19 +0200 |
| commit | ec207d0a71ba2c15e7cdcb2b59acd93aaa011223 (patch) | |
| tree | b02548a1e46446d704deccf018ddbcb9bdd13287 | |
| parent | 89723b17d9c0a2984bcd52e41d8aabbbe03528d9 (diff) | |
| download | forums-ec207d0a71ba2c15e7cdcb2b59acd93aaa011223.tar forums-ec207d0a71ba2c15e7cdcb2b59acd93aaa011223.tar.gz forums-ec207d0a71ba2c15e7cdcb2b59acd93aaa011223.tar.bz2 forums-ec207d0a71ba2c15e7cdcb2b59acd93aaa011223.tar.xz forums-ec207d0a71ba2c15e7cdcb2b59acd93aaa011223.zip | |
[ticket/security-180] Merge if statement with previous one in 3.1.x
SECURITY-180
| -rw-r--r-- | phpBB/includes/functions.php | 8 |
1 files changed, 1 insertions, 7 deletions
diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index 0cf1ab0f24..fcfed8b2a4 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -2347,15 +2347,9 @@ function redirect($url, $return = false, $disable_cd_check = false) // Clean URL and check if we go outside the forum directory $url = $phpbb_path_helper->clean_url($url); - if (!$disable_cd_check && strpos($url, generate_board_url(true)) === false) - { - trigger_error('INSECURE_REDIRECT', E_USER_ERROR); - } - - // Make sure we don't redirect to external URLs if (!$disable_cd_check && strpos($url, generate_board_url(true) . '/') !== 0) { - trigger_error('Tried to redirect to potentially insecure url.', E_USER_ERROR); + trigger_error('INSECURE_REDIRECT', E_USER_ERROR); } // Make sure no linebreaks are there... to prevent http response splitting for PHP < 4.4.2 |