diff options
| author | Marc Alexander <admin@m-a-styles.de> | 2013-12-27 13:00:22 +0100 |
|---|---|---|
| committer | Marc Alexander <admin@m-a-styles.de> | 2013-12-27 13:00:22 +0100 |
| commit | 9161816267ace60d9972e01b7fbe1213fe29a708 (patch) | |
| tree | dce184bb1124f051bded43a0f056715249729cf5 /phpBB/includes/functions.php | |
| parent | 4ced1626467c1b8a137f18ceb3aca3a032b41c76 (diff) | |
| download | forums-9161816267ace60d9972e01b7fbe1213fe29a708.tar forums-9161816267ace60d9972e01b7fbe1213fe29a708.tar.gz forums-9161816267ace60d9972e01b7fbe1213fe29a708.tar.bz2 forums-9161816267ace60d9972e01b7fbe1213fe29a708.tar.xz forums-9161816267ace60d9972e01b7fbe1213fe29a708.zip | |
[ticket/11997] Do not check if file or dir we redirect to exist
The redirect function will now properly redirect to where we want it to.
It will no longer try to check if the file or directory we redirect to exist.
This will ensure compatibility with the new routes.
PHPBB3-11997
Diffstat (limited to 'phpBB/includes/functions.php')
| -rw-r--r-- | phpBB/includes/functions.php | 88 |
1 files changed, 13 insertions, 75 deletions
diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index aea13f7679..33d0e36a28 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -2696,89 +2696,27 @@ function redirect($url, $return = false, $disable_cd_check = false) // Relative uri $pathinfo = pathinfo($url); - // Also treat URLs that have a non-existing basename and fit - // controller style URLs - if (!$disable_cd_check && (!file_exists($pathinfo['dirname'] . '/') || (!file_exists($url) && preg_match('/^[\.]?+[\/]?+(?:app\.php)?+[a-zA-Z0-9\/]/', $url)))) + // Is the uri pointing to the current directory? + if ($pathinfo['dirname'] == '.') { - $url = str_replace('../', '', $url); - $pathinfo = pathinfo($url); + $url = str_replace('./', '', $url); - // Also treat URLs that have a non-existing basename - if (!file_exists($pathinfo['dirname'] . '/') || (!file_exists($url) && preg_match('/^[\.]?+[\/]?+(?:app\.php)?+[a-zA-Z0-9\/]/', $url))) + // Strip / from the beginning + if ($url && substr($url, 0, 1) == '/') { - // fallback to "last known user page" - // at least this way we know the user does not leave the phpBB root - if ($phpbb_path_helper instanceof \phpbb\path_helper) - { - $url = $phpbb_path_helper->get_controller_redirect_url($url); - } - else - { - $url = generate_board_url() . '/' . $user->page['page']; - } - $failover_flag = true; + $url = substr($url, 1); } } - if (!$failover_flag) - { - // Is the uri pointing to the current directory? - if ($pathinfo['dirname'] == '.') - { - $url = str_replace('./', '', $url); - - // Strip / from the beginning - if ($url && substr($url, 0, 1) == '/') - { - $url = substr($url, 1); - } - - if ($user->page['page_dir']) - { - $url = generate_board_url() . '/' . $user->page['page_dir'] . '/' . $url; - } - else - { - $url = generate_board_url() . '/' . $url; - } - } - else - { - // Used ./ before, but $phpbb_root_path is working better with urls within another root path - $root_dirs = explode('/', str_replace('\\', '/', phpbb_realpath($phpbb_root_path))); - $page_dirs = explode('/', str_replace('\\', '/', phpbb_realpath($pathinfo['dirname']))); - $intersection = array_intersect_assoc($root_dirs, $page_dirs); - - $root_dirs = array_diff_assoc($root_dirs, $intersection); - $page_dirs = array_diff_assoc($page_dirs, $intersection); - - $dir = str_repeat('../', sizeof($root_dirs)) . implode('/', $page_dirs); - - // Strip / from the end - if ($dir && substr($dir, -1, 1) == '/') - { - $dir = substr($dir, 0, -1); - } - - // Strip / from the beginning - if ($dir && substr($dir, 0, 1) == '/') - { - $dir = substr($dir, 1); - } - - $url = str_replace($pathinfo['dirname'] . '/', '', $url); + $url = generate_board_url() . '/' . $url; + } - // Strip / from the beginning - if (substr($url, 0, 1) == '/') - { - $url = substr($url, 1); - } + // Clean URL and check if we go outside the forum directory + $url = $phpbb_path_helper->clean_url($url); - $url = (!empty($dir) ? $dir . '/' : '') . $url; - $url = generate_board_url() . '/' . $url; - } - $url = $phpbb_path_helper->clean_url($url);; - } + if (!$disable_cd_check && strpos($url, generate_board_url(true)) === false) + { + trigger_error('INSECURE_REDIRECT', E_USER_ERROR); } // Make sure no linebreaks are there... to prevent http response splitting for PHP < 4.4.2 |