gnh1201/seeddms-code
1
0
Fork 0
mirror of https://git.code.sf.net/p/seeddms/code synced 2025-05-14 21:51:32 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

append referuri to base url to prevent redirects to arbitraty sites

Browse Source
This commit is contained in:
Uwe Steinmann 2021-06-21 08:58:22 +02:00
parent fff27af7e6
commit 0b9435d362
1 changed files with 1 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
op/op.Login.php
View File

@ -97,8 +97,7 @@ if(!$controller->run()) {
$user = $controller->getUser(); $user = $controller->getUser();
if (isset($referuri) && strlen($referuri)>0) { if (isset($referuri) && strlen($referuri)>0) {
// header("Location: http".((isset($_SERVER['HTTPS']) && (strcmp($_SERVER['HTTPS'],'off')!=0)) ? "s" : "")."://".$_SERVER['HTTP_HOST'] . $referuri); header("Location: " . getBaseUrl() . "/" . $referuri);
header("Location: " . $referuri);
} }
else { else {
header("Location: ".$settings->_httpRoot.(isset($settings->_siteDefaultPage) && strlen($settings->_siteDefaultPage)>0 ? $settings->_siteDefaultPage : "out/out.ViewFolder.php?folderid=".($user->getHomeFolder() ? $user->getHomeFolder() : $settings->_rootFolderID))); header("Location: ".$settings->_httpRoot.(isset($settings->_siteDefaultPage) && strlen($settings->_siteDefaultPage)>0 ? $settings->_siteDefaultPage : "out/out.ViewFolder.php?folderid=".($user->getHomeFolder() ? $user->getHomeFolder() : $settings->_rootFolderID)));