diff options
| -rw-r--r-- | it_url.class | 7 |
1 files changed, 5 insertions, 2 deletions
diff --git a/it_url.class b/it_url.class index 56aa182..5a65f12 100644 --- a/it_url.class +++ b/it_url.class @@ -683,10 +683,13 @@ function absolute($url=null) */ function redirect($url = null, $type = "temporary") { + $codes = array('permanent' => 301, 'temporary' => 303); # NOTE: HTTP 303 is called "See Other", rather than Temporary (which would be HTTP 307), but is the behaviour one usually wants for temporary redirects + if (!($code = $codes[$type])) + it::fatal("Invalid redirect type '$type', must be 'permanent' or 'temporary'"); + $url = preg_replace("/[\r\n].*/", '', it_url::absolute($url)); # Security: cut after CR/LF - $code = substr($type, 0, 4) == "perm" ? 301 : 303; # NOTE: HTTP 303 is called "See Other", rather than Temporary (which would be HTTP 307), but is the behaviour one usually wants for temporary redirects if (EDC('noredir')) - echo "<a href='" . htmlspecialchars($url) . "'>" . htmlspecialchars($url) . "</a> (HTTP/1.1 $code, $type redirect)<br />" . it_debug::backtrace(); + echo "<a href='" . htmlspecialchars($url) . "'>" . htmlspecialchars($url) . "</a> (HTTP/1.1 $code, $type redirect)<br />Trace: " . it_debug::backtrace(); else header('Location: ' . it_untaint($url, TC_SELF), true, $code); exit; |