From df5810a6fa88aa1f7504cf44a0922ec563fb8351 Mon Sep 17 00:00:00 2001 From: Christian Schneider Date: Mon, 10 Aug 2009 10:16:44 +0000 Subject: Support ports othen than port 80, output full url in noredir mode --- it_url.class | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) (limited to 'it_url.class') diff --git a/it_url.class b/it_url.class index 7035291..83c0781 100644 --- a/it_url.class +++ b/it_url.class @@ -583,7 +583,7 @@ function absolute($url=null) { $dir = preg_replace('#/[^/]*$#', '/', $_SERVER['PHP_SELF']); $url = preg_match('#^/#', $url) ? $url : "$dir$url"; - $url = "//" . $_SERVER['HTTP_HOST'] . $url; + $url = "//" . $_SERVER['HTTP_HOST'] . ($_SERVER['SERVER_PORT'] == 80 ? "" : ":{$_SERVER['SERVER_PORT']}") . $url; } $url = "http" . (isset($_SERVER['HTTPS']) ? 's':'') . ":$url"; } @@ -598,13 +598,12 @@ function absolute($url=null) */ function redirect($url = null) { + $url = preg_replace("/[\r\n].*/", '', it_url::absolute($url)); # Security: cut after CR/LF + if (EDC('noredir')) - echo "" . htmlspecialchars($url) . "
"; + echo "" . htmlspecialchars($url) . "
"; else - { - $url = preg_replace("/[\r\n].*/", '', it_url::absolute($url)); # Security: cut after CR/LF header('Location: ' . it_untaint($url, TC_SELF)); - } exit; } -- cgit v1.2.3