diff options
Diffstat (limited to 'phpBB/includes/functions.php')
| -rw-r--r-- | phpBB/includes/functions.php | 15 |
1 files changed, 14 insertions, 1 deletions
diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index 4b73aa4af9..38f910974a 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -202,7 +202,7 @@ function set_config_count($config_name, $increment, $is_dynamic = false) function gen_rand_string($num_chars = 8) { $rand_str = unique_id(); - $rand_str = str_replace('0', 'Z', strtoupper(base_convert($rand_str, 16, 35))); + $rand_str = str_replace(array('0', 'O'), array('Z', 'Y'), strtoupper(base_convert($rand_str, 16, 34))); return substr($rand_str, 0, $num_chars); } @@ -2336,6 +2336,19 @@ function redirect($url, $return = false, $disable_cd_check = false) // Relative uri $pathinfo = pathinfo($url); + if (!$disable_cd_check && !file_exists($pathinfo['dirname'])) + { + $url = str_replace('../', '', $url); + $pathinfo = pathinfo($url); + + if (!file_exists($pathinfo['dirname'])) + { + // fallback to "last known user page" + $url = generate_board_url() . '/' . $user->page['page']; + break; + } + } + // Is the uri pointing to the current directory? if ($pathinfo['dirname'] == '.') { |