diff options
| author |   Graham Eames <grahamje@users.sourceforge.net> | 2006-04-22 20:28:42 +0000 |
|---|---|---|
| committer | Graham Eames <grahamje@users.sourceforge.net> | 2006-04-22 20:28:42 +0000 |
| commit | 46adf29d8b79df4dc645bdca3a05b1a0a1f08539 (patch) | |
| tree | ffe1d2d6cd4ac031bdc28cbc15751c6eaa5e1879 | |
| parent | Fix for poll deletion mistakenly altering forum stats [#1602] (diff) | |
| download | phpbb-46adf29d8b79df4dc645bdca3a05b1a0a1f08539.tar.gz phpbb-46adf29d8b79df4dc645bdca3a05b1a0a1f08539.tar.bz2 phpbb-46adf29d8b79df4dc645bdca3a05b1a0a1f08539.zip | |
Fix missing error message for inactive users [#1598]
(This is only actually a one line change, but the resulting indent change makes for a large block in the code changes unfortunately)
git-svn-id: file:///svn/phpbb/branches/phpBB-2_0_0@5835 89ea8834-ac86-4346-8a33-228a782c2dd0
| -rw-r--r-- | phpBB/login.php | 26 |
1 files changed, 13 insertions, 13 deletions
diff --git a/phpBB/login.php b/phpBB/login.php index f135fbbc5f..15d0d449d2 100644 --- a/phpBB/login.php +++ b/phpBB/login.php @@ -118,23 +118,23 @@ if( isset($HTTP_POST_VARS['login']) || isset($HTTP_GET_VARS['login']) || isset($ WHERE user_id = ' . $row['user_id']; $db->sql_query($sql); } - - $redirect = ( !empty($HTTP_POST_VARS['redirect']) ) ? str_replace('&', '&', htmlspecialchars($HTTP_POST_VARS['redirect'])) : ''; - $redirect = str_replace('?', '&', $redirect); + } - if (strstr(urldecode($redirect), "\n") || strstr(urldecode($redirect), "\r")) - { - message_die(GENERAL_ERROR, 'Tried to redirect to potentially insecure url.'); - } + $redirect = ( !empty($HTTP_POST_VARS['redirect']) ) ? str_replace('&', '&', htmlspecialchars($HTTP_POST_VARS['redirect'])) : ''; + $redirect = str_replace('?', '&', $redirect); - $template->assign_vars(array( - 'META' => "<meta http-equiv=\"refresh\" content=\"3;url=login.$phpEx?redirect=$redirect\">") - ); + if (strstr(urldecode($redirect), "\n") || strstr(urldecode($redirect), "\r")) + { + message_die(GENERAL_ERROR, 'Tried to redirect to potentially insecure url.'); + } - $message = $lang['Error_login'] . '<br /><br />' . sprintf($lang['Click_return_login'], "<a href=\"login.$phpEx?redirect=$redirect\">", '</a>') . '<br /><br />' . sprintf($lang['Click_return_index'], '<a href="' . append_sid("index.$phpEx") . '">', '</a>'); + $template->assign_vars(array( + 'META' => "<meta http-equiv=\"refresh\" content=\"3;url=login.$phpEx?redirect=$redirect\">") + ); - message_die(GENERAL_MESSAGE, $message); - } + $message = $lang['Error_login'] . '<br /><br />' . sprintf($lang['Click_return_login'], "<a href=\"login.$phpEx?redirect=$redirect\">", '</a>') . '<br /><br />' . sprintf($lang['Click_return_index'], '<a href="' . append_sid("index.$phpEx") . '">', '</a>'); + + message_die(GENERAL_MESSAGE, $message); } } else |