diff options
author | zottel <github@zottel.net> | 2014-01-09 15:59:42 +0100 |
---|---|---|
committer | zottel <github@zottel.net> | 2014-01-09 15:59:42 +0100 |
commit | cd65d172baab020802421db8e5b5d54033dafaa8 (patch) | |
tree | f314fda58403a75ae628bda50cb62aaf39a0dbdb /include | |
parent | c6b9e443530fa2598f931571a0aa026b7bef8992 (diff) | |
download | volse-hubzilla-cd65d172baab020802421db8e5b5d54033dafaa8.tar.gz volse-hubzilla-cd65d172baab020802421db8e5b5d54033dafaa8.tar.bz2 volse-hubzilla-cd65d172baab020802421db8e5b5d54033dafaa8.zip |
urlencode query_string for magic auth to make sure GET params make it back
to the originating server
Diffstat (limited to 'include')
-rw-r--r-- | include/identity.php | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/include/identity.php b/include/identity.php index 5e25244e6..9fba55da5 100644 --- a/include/identity.php +++ b/include/identity.php @@ -1023,7 +1023,7 @@ function zid_init(&$a) { dbesc($tmp_str) ); // try to avoid recursion - but send them home to do a proper magic auth - $dest = '/' . $a->query_string; + $dest = '/' . urlencode($a->query_string); $dest = str_replace(array('?zid=','&zid='),array('?rzid=','&rzid='),$dest); if($r && ($r[0]['hubloc_url'] != z_root()) && (! strstr($dest,'/magic')) && (! strstr($dest,'/rmagic'))) { goaway($r[0]['hubloc_url'] . '/magic' . '?f=&rev=1&dest=' . z_root() . $dest); @@ -1140,4 +1140,4 @@ function is_foreigner($s) { function is_member($s) { return((is_foreigner($s)) ? false : true); -}
\ No newline at end of file +} |