Sanitize the login destination url that is picked up from the database

markjcrane
2021-07-25 14:14:53 -06:00
parent c3b811393d
commit cb2a37bf6a


@@ -242,8 +242,15 @@
//set variable if not set
if (!isset($_SESSION['login']['domain_name_visible']['boolean'])) { $_SESSION['login']['domain_name_visible']['boolean'] = null; }
//set a default login destination
if (strlen($_SESSION['login']['destination']['url']) == 0) {
//santize the login destination url and set a default value
if (isset($_SESSION['login']['destination']['url'])) {
$destination_path = parse_url($_SESSION['login']['destination']['url'])['path'];
$destination_query = parse_url($_SESSION['login']['destination']['url'])['query'];
$destination_path = preg_replace('#[^a-zA-Z0-9_\-\./]#', '', $destination_path);
$destination_query = preg_replace('#[^a-zA-Z0-9_\-\./&=]#', '', $destination_query);
$_SESSION['login']['destination']['url'] = (strlen($destination_query) > 0) ? $destination_path.'?'.$destination_query : $destination_path;
}
else {
$_SESSION['login']['destination']['url'] = PROJECT_PATH."/core/user_settings/user_dashboard.php";
}