Link control for guests in re.php
This commit is contained in:
Visman
parent
023c24d74a
commit
f03b87511b
4 changed files with 15 additions and 8 deletions
|
|
@ -661,6 +661,7 @@ function preparse_list_tag(string $content, string $type = '*')
|
|||
function handle_url_tag(string $url, string $link = '', bool $bbcode = false)
|
||||
{
|
||||
global $pun_config, $pun_user, $page_js;
|
||||
static $prefix;
|
||||
|
||||
$url = pun_trim($url);
|
||||
|
||||
|
|
@ -692,8 +693,11 @@ function handle_url_tag(string $url, string $link = '', bool $bbcode = false)
|
|||
{
|
||||
if ($pun_config['o_board_redirect'] != '' && ($pun_user['is_guest'] || $pun_config['o_board_redirectg'] != '1') && !preg_match('/'.$pun_config['o_board_redirect'].'/i',$full_url))
|
||||
{
|
||||
$full_url = 're.php?u='.urlencode(str_replace(array('http://', 'https://', 'ftp://'), array('http___', 'https___', 'ftp___'), $full_url));
|
||||
$url = str_replace(array('http://', 'https://', 'ftp://'), '', $url);
|
||||
if (! isset($prefix))
|
||||
$prefix = $pun_user['is_guest'] && ! $pun_user['is_bot'] ? 'csrf_hash=' . csrf_hash('re.php') . '&' : '';
|
||||
|
||||
$full_url = 're.php?'.$prefix.'u='.urlencode(str_replace(['http://', 'https://', 'ftp://'], ['http___', 'https___', 'ftp___'], $full_url));
|
||||
$url = str_replace(['http://', 'https://', 'ftp://'], '', $url);
|
||||
}
|
||||
|
||||
if ($link == '' || $link == $url)
|
||||
|
|
|
|||
File diff suppressed because one or more lines are too long
4
js/media.min.js
vendored
4
js/media.min.js
vendored
File diff suppressed because one or more lines are too long
7
re.php
7
re.php
|
|
@ -1,7 +1,7 @@
|
|||
<?php
|
||||
|
||||
/**
|
||||
* Copyright (C) 2010-2022 Visman (mio.visman@yandex.ru)
|
||||
* Copyright (C) 2010-2023 Visman (mio.visman@yandex.ru)
|
||||
* License: http://www.gnu.org/licenses/gpl.html GPL version 2 or higher
|
||||
*/
|
||||
|
||||
|
|
@ -16,12 +16,15 @@ if ($pun_user['g_read_board'] == '0')
|
|||
if (! is_string($_GET['u'] ?? null) || $pun_user['is_bot'])
|
||||
message($lang_common['Bad request'], false, '404 Not Found');
|
||||
|
||||
if ($pun_user['is_guest'])
|
||||
confirm_referrer('re.php');
|
||||
|
||||
if (file_exists(PUN_ROOT.'lang/'.$pun_user['language'].'/re.php'))
|
||||
require PUN_ROOT.'lang/'.$pun_user['language'].'/re.php';
|
||||
else
|
||||
require PUN_ROOT.'lang/English/re.php';
|
||||
|
||||
$url = str_replace('&', '&', preg_replace(array('%(https?|ftp)___%i', '%([\r\n])|(\%0[ad])|(;\s*data\s*:)%i'), array('$1://', ''), $_GET['u']));
|
||||
$url = str_replace('&', '&', preg_replace(['%(https?|ftp)___%i', '%([\r\n])|(\%0[ad])|(;\s*data\s*:)%i'], ['$1://', ''], $_GET['u']));
|
||||
|
||||
$page_js['c']['re'] = 'function fluxrdr() {if(history.length<2){window.close()}else{history.go(-1)}return false}';
|
||||
|
||||
|
|
|
|||
Loading…
Reference in a new issue