From aedc912d36153b131b3e3bc8a9813c104440aa4b Mon Sep 17 00:00:00 2001 From: Florian Eula Date: Fri, 21 Nov 2014 18:31:31 +0100 Subject: Prevents ?do=addlink from generating a 404 if the user is not logged in Fixes https://github.com/shaarli/Shaarli/issue/47 --- index.php | 8 ++++++++ 1 file changed, 8 insertions(+) (limited to 'index.php') diff --git a/index.php b/index.php index f2410f71..35e83eb5 100644 --- a/index.php +++ b/index.php @@ -1349,6 +1349,14 @@ function renderPage() header('Location: ?do=login&post='.urlencode($_GET['post']).(!empty($_GET['title'])?'&title='.urlencode($_GET['title']):'').(!empty($_GET['description'])?'&description='.urlencode($_GET['description']):'').(!empty($_GET['source'])?'&source='.urlencode($_GET['source']):'')); // Redirect to login page, then back to post link. exit; } + + // Same case as above except that user tried to access ?do=addlink without being logged in + // Note: passing empty parameters makes Shaarli generate default URLs and descriptions. + if (isset($_GET['do']) && $_GET['do'] === 'addlink') { + header('Location: ?do=login&post='); + exit; + } + $PAGE = new pageBuilder; buildLinkList($PAGE,$LINKSDB); // Compute list of links to display $PAGE->renderPage('linklist'); -- cgit v1.2.3