vh/NetAlertX
1
0
Fork 0
mirror of https://github.com/jokob-sk/NetAlertX.git synced 2025-12-07 09:36:05 -08:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

Fix error redirect

Browse Source
This commit is contained in:
jokob-sk
2024-10-04 07:52:44 +10:00
parent a758548fea
commit 37290528fc
1 changed files with 10 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
front/php/templates/security.php
View File

@@ -22,8 +22,15 @@ function redirect($url) {
// Initialization
$protocol = (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off') ? 'https://' : 'http://';
$url = $protocol . $_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI'];
$isLogonPage = strpos($url, 'index.php') !== false;
$url = $protocol . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
// Parse the URL and extract the path component
// error_log("-------------");
$parsedUrl = parse_url($url, PHP_URL_PATH);
// Normalize the path: treat '/' (root) and '/index.php' as equivalent
$isLogonPage = ($parsedUrl === '/' || $parsedUrl === '/index.php');
$authHeader = apache_request_headers()['Authorization'] ?? '';
$sessionLogin = isset($_SESSION['login']) ? $_SESSION['login'] : 0;
@@ -69,6 +76,7 @@ if ($nax_WebProtection == 'true') {
} else {
// We need to redirect
redirect('/index.php');
exit; // exit is needed to prevent authentication bypass
}
}