mirror/php-phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-08-01 22:40:39 +02:00
Code Issues Releases Wiki Activity

#i66

Browse Source 
git-svn-id: file:///svn/phpbb/trunk@8114 89ea8834-ac86-4346-8a33-228a782c2dd0
This commit is contained in:
Meik Sievertsen
2007-09-26 17:00:08 +00:00
parent b2afdc0704
commit bc80703c13
1 changed files with 9 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
phpBB/includes/functions.php
View File

@@ -1816,6 +1816,15 @@ function redirect($url, $return = false)
trigger_error('Tried to redirect to potentially insecure url.', E_USER_ERROR); trigger_error('Tried to redirect to potentially insecure url.', E_USER_ERROR);
} }
// Now, also check the protocol and for a valid url the last time...
$allowed_protocols = array('http', 'https', 'ftp', 'ftps');
$url_parts = parse_url($url);
if ($url_parts === false || empty($url_parts['scheme']) || !in_array($url_parts['scheme'], $allowed_protocols))
{
trigger_error('Tried to redirect to potentially insecure url.', E_USER_ERROR);
}
if ($return) if ($return)
{ {
return $url; return $url;