AS1024/itflow
1
0
Fork 0
mirror of https://github.com/itflow-org/itflow synced 2026-02-28 02:44:53 +00:00
Code Issues Packages Projects Releases Wiki Activity

updated

Browse Source 
fixed domain url from config to prevent open redirect issue and encoded uri
This commit is contained in:
Hugo Sampaio
2024-05-03 09:34:50 -03:00
parent b8c529c2ec
commit bab66bf769
2 changed files with 3 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
check_login.php
View File

@@ -21,7 +21,7 @@ if (!isset($_SESSION['logged']) || !$_SESSION['logged']) {
if($_SERVER["REQUEST_URI"] == "/")
header("Location: login.php");
else
header("Location: login.php?url=".urlencode($_SERVER["REQUEST_SCHEME"] . "://" . $_SERVER["HTTP_HOST"] . $_SERVER["REQUEST_URI"]) );
header("Location: login.php?last_visited=" . base64_encode($_SERVER["REQUEST_URI"]) );
exit;
}
@@ -87,4 +87,3 @@ $num_notifications = $row['num'];
//if ($session_user_config_force_mfa == 1 && $session_token == NULL) {
// header("Location: force_mfa.php");
//}