diff options
| -rw-r--r-- | phpBB/includes/functions.php | 9 | ||||
| -rw-r--r-- | tests/security/redirect_test.php | 6 |
2 files changed, 13 insertions, 2 deletions
diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index bd6a45685d..cc8478ace1 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -2708,7 +2708,14 @@ function redirect($url, $return = false, $disable_cd_check = false) } } - $url = generate_board_url() . '/' . $phpbb_path_helper->remove_web_root_path($url); + $url = $phpbb_path_helper->remove_web_root_path($url); + + if ($user->page['page_dir']) + { + $url = $user->page['page_dir'] . '/' . $url; + } + + $url = generate_board_url() . '/' . $url; } // Clean URL and check if we go outside the forum directory diff --git a/tests/security/redirect_test.php b/tests/security/redirect_test.php index ce2d865c44..77dc955c26 100644 --- a/tests/security/redirect_test.php +++ b/tests/security/redirect_test.php @@ -116,9 +116,12 @@ class phpbb_security_redirect_test extends phpbb_security_test_base $phpbb_path_helper = $this->path_helper; $temp_phpbb_root_path = $phpbb_root_path; - // We need to hack phpbb_root_path here, so it matches the actual fileinfo of the testing script. + $temp_page_dir = $user->page['page_dir']; + // We need to hack phpbb_root_path and the user's page_dir here + // so it matches the actual fileinfo of the testing script. // Otherwise the paths are returned incorrectly. $phpbb_root_path = ''; + $user->page['page_dir'] = ''; if ($expected_error !== false) { @@ -133,5 +136,6 @@ class phpbb_security_redirect_test extends phpbb_security_test_base $this->assertEquals($expected_result, $result); } $phpbb_root_path = $temp_phpbb_root_path; + $user->page['page_dir'] = $temp_page_dir; } } |