[Fusionforge-commits] FusionForge branch master updated. 6.0.4-820-g5877d58

Franck Villaume nerville at libremir.placard.fr.eu.org
Wed Aug 31 20:24:03 CEST 2016


This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "FusionForge".

The branch, master has been updated
       via  5877d5897d6b9acba4041ccf48dbd82dbb09075d (commit)
      from  d46655044336a8f9c91c7d53be10745c87cb75a7 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
https://scm.fusionforge.org/anonscm/gitweb/?p=fusionforge/fusionforge.git;a=commitdiff;h=5877d5897d6b9acba4041ccf48dbd82dbb09075d

commit 5877d5897d6b9acba4041ccf48dbd82dbb09075d
Author: Franck Villaume <franck.villaume at trivialdev.com>
Date:   Wed Aug 31 20:22:02 2016 +0200

    fix usage of PHP_SELF with url_prefix

diff --git a/src/common/include/pre.php b/src/common/include/pre.php
index 4199e25..f66bf4b 100644
--- a/src/common/include/pre.php
+++ b/src/common/include/pre.php
@@ -30,14 +30,6 @@ util_init_messages();
 
 require_once $gfcommon.'include/config.php';
 
-if (isset($_SERVER) && array_key_exists('PHP_SELF', $_SERVER) && $_SERVER['PHP_SELF']) {
-	$_SERVER['PHP_SELF'] = htmlspecialchars($_SERVER['PHP_SELF']);
-}
-
-if (isset($GLOBALS) && array_key_exists('PHP_SELF', $GLOBALS) && $GLOBALS['PHP_SELF']) {
-	$GLOBALS['PHP_SELF'] = htmlspecialchars($GLOBALS['PHP_SELF']);
-}
-
 // Block link prefetching (Moz prefetching, Google Web Accelerator, others)
 // http://www.google.com/webmasters/faq.html#prefetchblock
 if (getStringFromServer('HTTP_X_moz') === 'prefetch'){
@@ -94,6 +86,21 @@ if (($ecd = forge_get_config ('extra_config_dirs')) != NULL) {
 	}
 }
 
+$url_prefix = forge_get_config('url_prefix');
+if (isset($_SERVER) && array_key_exists('PHP_SELF', $_SERVER) && $_SERVER['PHP_SELF']) {
+	$_SERVER['PHP_SELF'] = htmlspecialchars($_SERVER['PHP_SELF']);
+	if (substr($_SERVER['PHP_SELF'], 0, strlen($url_prefix)) == $url_prefix) {
+		$_SERVER['PHP_SELF'] = '/'.substr($_SERVER['PHP_SELF'], strlen($url_prefix));
+	}
+}
+
+if (isset($GLOBALS) && array_key_exists('PHP_SELF', $GLOBALS) && $GLOBALS['PHP_SELF']) {
+	$GLOBALS['PHP_SELF'] = htmlspecialchars($GLOBALS['PHP_SELF']);
+	if (substr($GLOBALS['PHP_SELF'], 0, strlen($url_prefix)) == $url_prefix) {
+		$GLOBALS['PHP_SELF'] = '/'.substr($GLOBALS['PHP_SELF'], strlen($url_prefix));
+	}
+}
+
 if (forge_get_config('use_ssl')) {
 	header('Access-Control-Allow-Origin: http://'.forge_get_config('web_host'));
 }

-----------------------------------------------------------------------

Summary of changes:
 src/common/include/pre.php | 23 +++++++++++++++--------
 1 file changed, 15 insertions(+), 8 deletions(-)


hooks/post-receive
-- 
FusionForge



More information about the Fusionforge-commits mailing list