aboutsummaryrefslogtreecommitdiffhomepage
path: root/application
diff options
context:
space:
mode:
authorVirtualTam <tamisier.aurelien@gmail.com>2015-07-12 19:56:13 +0200
committerVirtualTam <tamisier.aurelien@gmail.com>2015-07-12 19:56:13 +0200
commit5b0ebbc5de06b8a0e9679b78b45d0dc755db7986 (patch)
treeed6a7f6c7ea02d0942d32c31637553976e978c5f /application
parent1dcbe29611a4ba4b4b2d37954105c1fc8da33496 (diff)
parent775803a05cdba9d7fc1b37af4b15ecd80a8cbcc2 (diff)
downloadShaarli-5b0ebbc5de06b8a0e9679b78b45d0dc755db7986.tar.gz
Shaarli-5b0ebbc5de06b8a0e9679b78b45d0dc755db7986.tar.zst
Shaarli-5b0ebbc5de06b8a0e9679b78b45d0dc755db7986.zip
Merge pull request #257 from ArthurHoaro/tag-http-referer
Prevent redirection loop everytime we rely on HTTP_REFERER
Diffstat (limited to 'application')
-rw-r--r--application/Utils.php34
1 files changed, 33 insertions, 1 deletions
diff --git a/application/Utils.php b/application/Utils.php
index a1e97b35..658b97bc 100644
--- a/application/Utils.php
+++ b/application/Utils.php
@@ -84,4 +84,36 @@ function checkDateFormat($format, $string)
84 $date = DateTime::createFromFormat($format, $string); 84 $date = DateTime::createFromFormat($format, $string);
85 return $date && $date->format($string) == $string; 85 return $date && $date->format($string) == $string;
86} 86}
87?> 87
88/**
89 * Generate a header location from HTTP_REFERER.
90 * Make sure the referer is Shaarli itself and prevent redirection loop.
91 *
92 * @param string $referer - HTTP_REFERER.
93 * @param string $host - Server HOST.
94 * @param array $loopTerms - Contains list of term to prevent redirection loop.
95 *
96 * @return string $referer - final referer.
97 */
98function generateLocation($referer, $host, $loopTerms = array())
99{
100 $final_referer = '?';
101
102 // No referer if it contains any value in $loopCriteria.
103 foreach ($loopTerms as $value) {
104 if (strpos($referer, $value) !== false) {
105 return $final_referer;
106 }
107 }
108
109 // Remove port from HTTP_HOST
110 if ($pos = strpos($host, ':')) {
111 $host = substr($host, 0, $pos);
112 }
113
114 if (!empty($referer) && strpos(parse_url($referer, PHP_URL_HOST), $host) !== false) {
115 $final_referer = $referer;
116 }
117
118 return $final_referer;
119}