adding defaults in mod/redir.php

Philipp Holzer 2018-10-20 01:01:15 +02:00
parent 363d00cc45
commit 32af52842b
No known key found for this signature in database
GPG key ID: 517BE60E2CE5C8A5
3 changed files with 22 additions and 12 deletions


@ -4810,7 +4810,7 @@ function api_friendica_remoteauth()
logger($contact['name'] . ' ' . $sec, LOGGER_DEBUG); logger($contact['name'] . ' ' . $sec, LOGGER_DEBUG);
$dest = ($url ? '&destination_url=' . $url : ''); $dest = ($url ? '&destination_url=' . $url : '');
System::externalRedirect(( System::externalRedirect(
$contact['poll'] . '?dfrn_id=' . $dfrn_id $contact['poll'] . '?dfrn_id=' . $dfrn_id
. '&dfrn_version=' . DFRN_PROTOCOL_VERSION . '&dfrn_version=' . DFRN_PROTOCOL_VERSION
. '&type=profile&sec=' . $sec . $dest . '&type=profile&sec=' . $sec . $dest


@ -36,7 +36,7 @@ function redir_init(App $a) {
|| (!local_user() && !remote_user()) // Visitors (not logged in or not remotes) can't authenticate. || (!local_user() && !remote_user()) // Visitors (not logged in or not remotes) can't authenticate.
|| (!empty($a->contact['id']) && $a->contact['id'] == $cid)) // Local user is already authenticated. || (!empty($a->contact['id']) && $a->contact['id'] == $cid)) // Local user is already authenticated.
{ {
System::externalRedirect($url != '' ? $url : $contact_url); System::externalRedirect(defaults($url, $contact_url));
} }
if ($contact['uid'] == 0 && local_user()) { if ($contact['uid'] == 0 && local_user()) {
@ -50,7 +50,7 @@ function redir_init(App $a) {
if (!empty($a->contact['id']) && $a->contact['id'] == $cid) { if (!empty($a->contact['id']) && $a->contact['id'] == $cid) {
// Local user is already authenticated. // Local user is already authenticated.
$target_url = $url != '' ? $url : $contact_url; $target_url = defaults($url, $contact_url);
logger($contact['name'] . " is already authenticated. Redirecting to " . $target_url, LOGGER_DEBUG); logger($contact['name'] . " is already authenticated. Redirecting to " . $target_url, LOGGER_DEBUG);
System::externalRedirect($target_url); System::externalRedirect($target_url);
} }
@ -71,7 +71,7 @@ function redir_init(App $a) {
foreach ($_SESSION['remote'] as $v) { foreach ($_SESSION['remote'] as $v) {
if ($v['uid'] == $_SESSION['visitor_visiting'] && $v['cid'] == $_SESSION['visitor_id']) { if ($v['uid'] == $_SESSION['visitor_visiting'] && $v['cid'] == $_SESSION['visitor_id']) {
// Remote user is already authenticated. // Remote user is already authenticated.
$target_url = $url != '' ? $url : $contact_url; $target_url = defaults($url, $contact_url);
logger($contact['name'] . " is already authenticated. Redirecting to " . $target_url, LOGGER_DEBUG); logger($contact['name'] . " is already authenticated. Redirecting to " . $target_url, LOGGER_DEBUG);
System::externalRedirect($target_url); System::externalRedirect($target_url);
} }
@ -106,7 +106,7 @@ function redir_init(App $a) {
. '&dfrn_version=' . DFRN_PROTOCOL_VERSION . '&type=profile&sec=' . $sec . $dest . $quiet); . '&dfrn_version=' . DFRN_PROTOCOL_VERSION . '&type=profile&sec=' . $sec . $dest . $quiet);
} }
$url = $url != '' ? $url : $contact_url; $url = defaults($url, $contact_url);
} }
// If we don't have a connected contact, redirect with // If we don't have a connected contact, redirect with
@ -121,7 +121,7 @@ function redir_init(App $a) {
} }
logger('redirecting to ' . $url, LOGGER_DEBUG); logger('redirecting to ' . $url, LOGGER_DEBUG);
$a->internalRedirect($url); System::externalRedirect($url);
} }
notice(L10n::t('Contact not found.')); notice(L10n::t('Contact not found.'));
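Review bot: The last hunk (`@ -121,7`) replaces `$a->internalRedirect($url)` with `System::externalRedirect($url)` without any check on where `$url` points, and the three `defaults($url, $contact_url)` sites pass the same value to `externalRedirect()` as well. The assignment of `$url` lies outside the visible hunks; if it is taken from the request, every one of these paths will send a visitor from this node to a caller-chosen site, which is the classic open-redirect condition. On the paths where a contact was found, I would pin the target to the contact's host before redirecting, e.g. `if (parse_url($url, PHP_URL_HOST) !== parse_url($contact_url, PHP_URL_HOST)) { $url = $contact_url; }`, and keep the no-contact path on `internalRedirect()` unless the host is one this node already knows. The `logger('redirecting to ' . $url, ...)` line also writes the unvalidated value to the debug log, so the check belongs above it. `redir_init()` starts and ends outside these hunks, so the exact placement needs confirming against the full function.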


@ -7,6 +7,7 @@ namespace Friendica\Module;
use Friendica\BaseModule; use Friendica\BaseModule;
use Friendica\Database\DBA; use Friendica\Database\DBA;
use Friendica\Model\Contact; use Friendica\Model\Contact;
use Friendica\Core\System;
use Friendica\Util\HTTPSignature; use Friendica\Util\HTTPSignature;
use Friendica\Util\Network; use Friendica\Util\Network;
@ -41,9 +42,13 @@ class Magic extends BaseModule
if (!$cid) { if (!$cid) {
logger('No contact record found: ' . print_r($_REQUEST, true), LOGGER_DEBUG); logger('No contact record found: ' . print_r($_REQUEST, true), LOGGER_DEBUG);
// @TODO Finding a more elegant possibility to redirect to either internal or external URL
if (filter_var($dest, FILTER_VALIDATE_URL)) {
System::externalRedirect($dest);
} else {
$a->internalRedirect($dest); $a->internalRedirect($dest);
} }
}
$contact = DBA::selectFirst('contact', ['id', 'nurl', 'url'], ['id' => $cid]); $contact = DBA::selectFirst('contact', ['id', 'nurl', 'url'], ['id' => $cid]);
// Redirect if the contact is already authenticated on this site. // Redirect if the contact is already authenticated on this site.
@ -55,7 +60,7 @@ class Magic extends BaseModule
} }
logger('Contact is already authenticated', LOGGER_DEBUG); logger('Contact is already authenticated', LOGGER_DEBUG);
$a->internalRedirect($dest); System::externalRedirect($dest);
} }
if (local_user()) { if (local_user()) {
@ -99,10 +104,10 @@ class Magic extends BaseModule
$x = strpbrk($dest, '?&'); $x = strpbrk($dest, '?&');
$args = (($x) ? '&owt=' . $token : '?f=&owt=' . $token); $args = (($x) ? '&owt=' . $token : '?f=&owt=' . $token);
$a->internalRedirect($dest . $args); System::externalRedirect($dest . $args);
} }
} }
$a->internalRedirect($dest); System::externalRedirect($dest);
} }
} }
@ -111,6 +116,11 @@ class Magic extends BaseModule
return $ret; return $ret;
} }
// @TODO Finding a more elegant possibility to redirect to either internal or external URL
if (filter_var($dest, FILTER_VALIDATE_URL)) {
System::externalRedirect($dest);
} else {
$a->internalRedirect($dest); $a->internalRedirect($dest);
} }
} }
}
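Review bot: `filter_var($dest, FILTER_VALIDATE_URL)` in the two new branches only establishes that `$dest` is a syntactically valid absolute URL; it places no limit on scheme or host, so it selects which redirect function runs rather than deciding whether the target is acceptable. The three other call sites (`@ -55,7` and both in `@ -99,10`) now call `System::externalRedirect()` unconditionally, including the one that appends `owt=` plus the token, so the same `$dest` is treated differently depending on the path and a relative value reaches `externalRedirect()` unchecked. Where `$dest` is assigned is outside the hunks; if it comes from the request, I would gate every external redirect on `in_array(parse_url($dest, PHP_URL_SCHEME), ['http', 'https'], true)` together with a host comparison against `$contact['url']` from the `selectFirst()` call, falling back to `internalRedirect()` otherwise. Putting that branch in one private helper used by all five sites would keep them consistent and would also settle the duplicated `@TODO` block. It is also worth confirming that the `owt` token is only meaningful to the host named in `$dest`, since it is now sent there without a host check.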