diff options
| author | Simon Rettberg | 2019-12-13 15:57:28 +0100 |
|---|---|---|
| committer | Simon Rettberg | 2019-12-13 15:57:28 +0100 |
| commit | c3b2efc93528b50c480a584c67283afe9ea077b6 (patch) | |
| tree | 36b5bf27028bf6c342227fa36e9175d46e31135d /inc | |
| parent | [rebootcontrol] Longer cooldown for client status updates (diff) | |
| download | slx-admin-c3b2efc93528b50c480a584c67283afe9ea077b6.tar.gz slx-admin-c3b2efc93528b50c480a584c67283afe9ea077b6.tar.xz slx-admin-c3b2efc93528b50c480a584c67283afe9ea077b6.zip | |
[inc/Render] Add qstr_urlencode as global mustache var
Diffstat (limited to 'inc')
| -rw-r--r-- | inc/render.inc.php | 5 | ||||
| -rw-r--r-- | inc/util.inc.php | 4 |
2 files changed, 7 insertions, 2 deletions
diff --git a/inc/render.inc.php b/inc/render.inc.php index f8f9e56b..34e064bc 100644 --- a/inc/render.inc.php +++ b/inc/render.inc.php @@ -230,6 +230,11 @@ class Render $params['password_type'] = Property::getPasswordFieldType(); // Branding $params['product_name'] = defined('CONFIG_PRODUCT_NAME') ? CONFIG_PRODUCT_NAME : 'OpenSLX'; + // Query string + if (strpos($_SERVER['QUERY_STRING'], 'message[]=') !== false) { + $_SERVER['QUERY_STRING'] = preg_replace('/message\[\]=[^&]+(&|$)/', '', $_SERVER['QUERY_STRING']); + } + $params['qstr_urlencode'] = rawurlencode('?' . $_SERVER['QUERY_STRING']); // Return rendered html return self::$mustache->render($html, $params); } diff --git a/inc/util.inc.php b/inc/util.inc.php index 9c9d4e58..21d784a8 100644 --- a/inc/util.inc.php +++ b/inc/util.inc.php @@ -156,13 +156,13 @@ SADFACE; public static function redirect($location = false, $preferRedirectPost = false) { if ($location === false) { - $location = preg_replace('/(&|\?)message\[\]\=[^&]*/', '\1', $_SERVER['REQUEST_URI']); + $location = preg_replace('/([&?])message\[\]\=[^&]*/', '\1', $_SERVER['REQUEST_URI']); } Session::save(); $messages = Message::toRequest(); if ($preferRedirectPost && ($redirect = Request::post('redirect', false, 'string')) !== false - && !preg_match(',^(\w+\:|//),', $redirect) /* no uri scheme, no server */) { + && !preg_match(',^([0-9a-zA-Z_+\-]+:|//),', $redirect) /* no uri scheme, no server */) { $location = $redirect; } if (!empty($messages)) { |