redir()

fn/common.php

@@ -76,3 +76,13 @@ function redirUrl($pageId) {
 	if (PAGE !== 'index') $currentPath .= PAGE;
 	return CONF['common']['prefix'] . "/$pageId?redir=$currentPath";
 }
+
+function redir() {
+	if (isset($_GET['redir'])) {
+		if (preg_match('/^[0-9a-z\/-]{0,128}$/', $_GET['redir']) !== 1)
+			userError("Wrong character in <code>redir</code>.");
+		header('Location: ' . CONF['common']['prefix'] . '/' . $_GET['redir']);
+	} else {
+		header('Location: ' . CONF['common']['prefix'] . '/');
+	}
+}

public/auth/login.php

@@ -33,12 +33,6 @@ $_SESSION['username'] = $_POST['username'];
 if (outdatedPasswordHash($_SESSION['username']))
 	changePassword($_SESSION['username'], $_POST['password']);
 
-if (isset($_GET['redir'])) {
-	if (preg_match("/^[0-9a-z\/-]+$/", $_GET['redir']) !== 1)
-		userError("Wrong character in <code>redir</code>.");
-	header("Location: " . CONF['common']['prefix'] . "/" . $_GET['redir']);
-} else {
-	header("Location: " . CONF['common']['prefix'] . "/");
-}
+redir();
 
 success("Connecté·e.");

public/auth/logout.php

@@ -6,5 +6,5 @@ if (session_status() === PHP_SESSION_ACTIVE)
 	session_destroy();
 
 header('Clear-Site-Data: "*"');
-header('Location: ' . CONF['common']['prefix'] . '/');
+redir();
 success("Déconnecté·e.");

public/auth/register.php

@@ -52,6 +52,6 @@ $stmt->execute();
 
 $_SESSION['username'] = $_POST['username'];
 
-header('Location: ' . CONF['common']['prefix'] . '/');
+redir();
 
 success("Compte créé.");