mirror/php-phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-02-24 12:03:21 +01:00
Code Issues Releases Wiki Activity

Disable referer validation on install if it is not possible to determine correct referer due to a proxy setup (Bug #32765)

Browse Source 
git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@9024 89ea8834-ac86-4346-8a33-228a782c2dd0
This commit is contained in:
Meik Sievertsen 2008-10-17 10:31:20 +00:00
parent 77058f31c2
commit b384952dee
1 changed files with 10 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
phpBB/install/install_install.php
View File

@ -1118,6 +1118,7 @@ class install_install extends module
// HTTP_HOST is having the correct browser url in most cases...
$server_name = (!empty($_SERVER['HTTP_HOST'])) ? strtolower($_SERVER['HTTP_HOST']) : ((!empty($_SERVER['SERVER_NAME'])) ? $_SERVER['SERVER_NAME'] : getenv('SERVER_NAME'));
$referer = (!empty($_SERVER['HTTP_REFERRER'])) ? strtolower($_SERVER['HTTP_REFERRER']) : getenv('HTTP_REFERRER');
// HTTP HOST can carry a port number...
if (strpos($server_name, ':') !== false)
@ -1376,6 +1377,15 @@ class install_install extends module
WHERE config_name = 'captcha_gd'";
}
$ref = substr($referer, strpos($referer, '://') + 3);
if (!(stripos($ref, $server_name) === 0))
{
$sql_ary[] = 'UPDATE ' . $data['table_prefix'] . "config
SET config_value = '0'
WHERE config_name = 'referer_validation'";
}
// We set a (semi-)unique cookie name to bypass login issues related to the cookie name.
$cookie_name = 'phpbb3_';
$rand_str = md5(mt_rand());