diff options
author | Christian Schneider | 2011-09-08 17:00:51 +0000 |
---|---|---|
committer | Christian Schneider | 2011-09-08 17:00:51 +0000 |
commit | 42a644847dc2091485d8980e82986d9c155016ef (patch) | |
tree | 44eb67f53555eebf8b1a71ff2365589aa76d055e | |
parent | c7efb186e47135acac829f5831615e3f6bd03b5d (diff) | |
download | itools-42a644847dc2091485d8980e82986d9c155016ef.tar.gz itools-42a644847dc2091485d8980e82986d9c155016ef.tar.bz2 itools-42a644847dc2091485d8980e82986d9c155016ef.zip |
Enforce parameter of it_url::redirect to be either 'permanent' or 'temporary'
-rw-r--r-- | it_url.class | 7 |
1 files changed, 5 insertions, 2 deletions
diff --git a/it_url.class b/it_url.class index 56aa182..5a65f12 100644 --- a/it_url.class +++ b/it_url.class @@ -683,10 +683,13 @@ function absolute($url=null) */ function redirect($url = null, $type = "temporary") { + $codes = array('permanent' => 301, 'temporary' => 303); # NOTE: HTTP 303 is called "See Other", rather than Temporary (which would be HTTP 307), but is the behaviour one usually wants for temporary redirects + if (!($code = $codes[$type])) + it::fatal("Invalid redirect type '$type', must be 'permanent' or 'temporary'"); + $url = preg_replace("/[\r\n].*/", '', it_url::absolute($url)); # Security: cut after CR/LF - $code = substr($type, 0, 4) == "perm" ? 301 : 303; # NOTE: HTTP 303 is called "See Other", rather than Temporary (which would be HTTP 307), but is the behaviour one usually wants for temporary redirects if (EDC('noredir')) - echo "<a href='" . htmlspecialchars($url) . "'>" . htmlspecialchars($url) . "</a> (HTTP/1.1 $code, $type redirect)<br />" . it_debug::backtrace(); + echo "<a href='" . htmlspecialchars($url) . "'>" . htmlspecialchars($url) . "</a> (HTTP/1.1 $code, $type redirect)<br />Trace: " . it_debug::backtrace(); else header('Location: ' . it_untaint($url, TC_SELF), true, $code); exit; |