Digitalstack/myaac
2
0
Fork 0
mirror of https://github.com/slawkens/myaac.git synced 2025-04-26 17:29:21 +02:00
Code Issues Packages Projects Releases Wiki Activity

Fix redirects in forum + polls

Browse Source
This commit is contained in:
slawkens 2024-04-14 16:06:57 +02:00
parent eb0c2a7674
commit d5915df37e
7 changed files with 8 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
system/pages/account/manage.php
View File

@ -21,7 +21,7 @@ if(!$logged) {
if(isset($_REQUEST['redirect']))
{
$redirect = urldecode($_REQUEST['redirect']);
// should never happen, unless hacker modify the URL
if (!str_contains($redirect, BASE_URL)) {
error('Fatal error: Cannot redirect outside the website.');

2
system/pages/forum/edit_post.php
View File

@ -19,7 +19,7 @@ if ($ret === false) {
}
if(!$logged) {
echo 'You are not logged in. <a href="' . getLink('account/manage') . '?redirect=' . BASE_URL . urlencode(getLink('forum')) . '">Log in</a> to post on the forum.<br /><br />';
echo 'You are not logged in. <a href="' . getLink('account/manage') . '?redirect=' . urlencode(getLink('forum')) . '">Log in</a> to post on the forum.<br /><br />';
return;
}

2
system/pages/forum/move_thread.php
View File

@ -19,7 +19,7 @@ if ($ret === false) {
}
if(!$logged) {
echo 'You are not logged in. <a href="' . getLink('account/manage') . '?redirect=' . BASE_URL . urlencode(getLink('forum')) . '">Log in</a> to post on the forum.<br /><br />';
echo 'You are not logged in. <a href="' . getLink('account/manage') . '?redirect=' . urlencode(getLink('forum')) . '">Log in</a> to post on the forum.<br /><br />';
return;
}

2
system/pages/forum/new_post.php
View File

@ -24,7 +24,7 @@ if(!$logged) {
$extra_url = '?action=new_post&thread_id=' . $_GET['thread_id'];
}
echo 'You are not logged in. <a href="' . getLink('account/manage') . '?redirect=' . BASE_URL . urlencode(getLink('forum') . $extra_url) . '">Log in</a> to post on the forum.<br /><br />';
echo 'You are not logged in. <a href="' . getLink('account/manage') . '?redirect=' . urlencode(getLink('forum') . $extra_url) . '">Log in</a> to post on the forum.<br /><br />';
return;
}

2
system/pages/forum/new_thread.php
View File

@ -24,7 +24,7 @@ if(!$logged) {
$extra_url = '?action=new_thread&section_id=' . $_GET['section_id'];
}
echo 'You are not logged in. <a href="' . getLink('account/manage') . '?redirect=' . BASE_URL . urlencode(getLink('forum') . $extra_url) . '">Log in</a> to post on the forum.<br /><br />';
echo 'You are not logged in. <a href="' . getLink('account/manage') . '?redirect=' . urlencode(getLink('forum') . $extra_url) . '">Log in</a> to post on the forum.<br /><br />';
return;
}

2
system/pages/forum/remove_post.php
View File

@ -19,7 +19,7 @@ if ($ret === false) {
}
if(!$logged) {
echo 'You are not logged in. <a href="' . getLink('account/manage') . '?redirect=' . BASE_URL . urlencode(getLink('forum')) . '">Log in</a> to post on the forum.<br /><br />';
echo 'You are not logged in. <a href="' . getLink('account/manage') . '?redirect=' . urlencode(getLink('forum')) . '">Log in</a> to post on the forum.<br /><br />';
return;
}

4
system/pages/polls.php
View File

@ -51,7 +51,7 @@ function getColorByPercent($percent)
if($logged)
echo $link.'?id='.$poll['id'];
else
echo getLink('account/manage') . '?redirect=' . BASE_URL . urlencode($link.'?id='.$poll['id']);
echo getLink('account/manage') . '?redirect=' . urlencode($link.'?id='.$poll['id']);
echo '">'.$poll['question'] . '</a>
</td>
@ -80,7 +80,7 @@ function getColorByPercent($percent)
if($logged)
echo $link.'?id='.$poll['id'];
else
echo getLink('account/manage') . '?redirect=' . BASE_URL . urlencode($link.'?id='.$poll['id']);
echo getLink('account/manage') . '?redirect=' . urlencode($link.'?id='.$poll['id']);
echo '">'.$poll['question'] . '</a>
</td>