aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--phpBB/includes/functions.php3
-rw-r--r--phpBB/includes/session.php14
2 files changed, 13 insertions, 4 deletions
diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php
index cb2631d7b5..4155103eef 100644
--- a/phpBB/includes/functions.php
+++ b/phpBB/includes/functions.php
@@ -1883,8 +1883,7 @@ function build_url($strip_vars = false)
global $user, $phpbb_root_path;
// Append SID
- $redirect = (($user->page['page_dir']) ? $user->page['page_dir'] . '/' : '') . $user->page['page_name'] . (($user->page['query_string']) ? "?{$user->page['query_string']}" : '');
- $redirect = append_sid($redirect, false, false);
+ $redirect = append_sid($user->page['page'], false, false);
// Add delimiter if not there...
if (strpos($redirect, '?') === false)
diff --git a/phpBB/includes/session.php b/phpBB/includes/session.php
index 9def5f1edf..d9cc85a154 100644
--- a/phpBB/includes/session.php
+++ b/phpBB/includes/session.php
@@ -51,18 +51,28 @@ class session
$script_name = str_replace(array('\\', '//'), '/', $script_name);
// Now, remove the sid and let us get a clean query string...
+ $use_args = array();
+
+ // Since some browser do not encode correctly we need to do this with some "special" characters...
+ // " -> %22, ' => %27, < -> %3C, > -> %3E
+ $find = array('"', "'", '<', '>');
+ $replace = array('%22', '%27', '%3C', '%3E');
+
foreach ($args as $key => $argument)
{
if (strpos($argument, 'sid=') === 0 || strpos($argument, '_f_=') === 0)
{
- unset($args[$key]);
+ continue;
}
+
+ $use_args[str_replace($find, $replace, $key)] = str_replace($find, $replace, $argument);
}
+ unset($args);
// The following examples given are for an request uri of {path to the phpbb directory}/adm/index.php?i=10&b=2
// The current query string
- $query_string = trim(implode('&', $args));
+ $query_string = trim(implode('&', $use_args));
// basenamed page name (for example: index.php)
$page_name = basename($script_name);