Home Explore Help
Sign In
TC
/
TeaBag
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: d787e0a0a3
Branches Tags
TeaBag
/
run
/
phpapps
/
phpmyadmin
/
url.php

url.php 1.0 KB
History Raw

12345678910111213141516171819202122232425262728293031323334 
  1. <?php
    2. 

  2. /* vim: set expandtab sw=4 ts=4 sts=4: */
    3. 

  3. /**
    4. 

  4.  * URL redirector to avoid leaking Referer with some sensitive information.
    5. 

  5.  *
    6. 

  6.  * @package PhpMyAdmin
    7. 

  7.  */
    8. 

  8. 

  9. /**
    10. 

  10.  * Gets core libraries and defines some variables
    11. 

  11.  */
    12. 

  12. define('PMA_MINIMUM_COMMON', true);
    13. 

  13. require_once './libraries/common.inc.php';
    14. 

  14. 

  15. if (! PMA_isValid($_GET['url'])
    16. 

  16.     || ! preg_match('/^https?:\/\/[^\n\r]*$/', $_GET['url'])
    17. 

  17.     || ! PMA_isAllowedDomain($_GET['url'])
    18. 

  18. ) {
    19. 

  19.     header('Location: ' . $cfg['PmaAbsoluteUri']);
    20. 

  20. } else {
    21. 

  21.     // JavaScript redirection is necessary. Because if header() is used
    22. 

  22.     //  then web browser sometimes does not change the HTTP_REFERER
    23. 

  23.     //  field and so with old URL as Referer, token also goes to
    24. 

  24.     //  external site.
    25. 

  25.     echo "<script type='text/javascript'>
    26. 

  26.             window.onload=function(){
    27. 

  27.                 window.location='" . htmlspecialchars($_GET['url']) . "';
    28. 

  28.             }
    29. 

  29.         </script>";
    30. 

  30.     // Display redirecting msg on screen.
    31. 

  31.     printf(__('Taking you to %s.'), htmlspecialchars($_GET['url']));
    32. 

  32. }
    33. 

  33. die();
    34. 

  34. ?>
    35.