Use the routing library to build proper URIs instead of relying on the
"REQUEST_URI" server variable, which can be manipulated and might return
bogus URIs.

Signed-off-by: Lukas Fleischer <[email protected]>
---
 web/html/login.php                | 4 ++--
 web/template/pkg_comment_form.php | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/web/html/login.php b/web/html/login.php
index d5bb1e7..9b3715b 100644
--- a/web/html/login.php
+++ b/web/html/login.php
@@ -20,7 +20,7 @@ html_header('AUR ' . __("Login"));
                <a href="<?php get_uri('/logout/'); ?>">[<?= __("Logout"); 
?>]</a>
        </p>
        <?php elseif (!$DISABLE_HTTP_LOGIN || (isset($_SERVER['HTTPS']) && 
$_SERVER['HTTPS'])): ?>
-       <form method="post" action="<?= 
htmlspecialchars($_SERVER['REQUEST_URI'], ENT_QUOTES) ?>">
+       <form method="post" action="<?= get_uri('/login') ?>">
                <fieldset>
                        <legend><?= __('Enter login credentials') ?></legend>
                        <?php if (!empty($login_error)): ?>
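Review bot: The new form action on the `+` line drops the htmlspecialchars() wrapper the old line had, so the attribute value is now emitted exactly as get_uri() returns it; unless get_uri() is documented to return an already-escaped string, keep the escape at the output site: `<form method="post" action="<?= htmlspecialchars(get_uri('/login'), ENT_QUOTES) ?>">`. The same applies to the `$AUR_LOCATION . get_uri('/login')` concatenation in the second hunk of this file. The context line above calls `get_uri('/logout/')` inside `<?php ... ?>` with no echo while this line uses `<?=`, so it is worth confirming whether get_uri() returns or prints its result, since the string concatenation in the second hunk only works if it returns. That context route also carries a trailing slash where `/login` does not; if the router redirects one form to the other, a POST to the redirected path loses the submitted credentials, so confirm `/login` resolves directly.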
@@ -47,7 +47,7 @@ html_header('AUR ' . __("Login"));
        <?php else: ?>
        <p>
                <?php printf(__("HTTP login is disabled. Please %sswitch to 
HTTPs%s if you want to login."),
-                       '<a href="' . $AUR_LOCATION . 
htmlspecialchars($_SERVER['REQUEST_URI'], ENT_QUOTES) . '">', '</a>'); ?>
+                       '<a href="' . $AUR_LOCATION . get_uri('/login') . '">', 
'</a>'); ?>
        </p>
        <?php endif; ?>
 </div>
diff --git a/web/template/pkg_comment_form.php 
b/web/template/pkg_comment_form.php
index da871ec..8e74fe6 100644
--- a/web/template/pkg_comment_form.php
+++ b/web/template/pkg_comment_form.php
@@ -1,6 +1,6 @@
 <div id="generic-form" class="box">
        <h2><?= __("Add Comment"); ?></h2>
-       <form action="<?= $_SERVER['REQUEST_URI'] ?>" method="post">
+       <form action="<?= get_pkg_uri($row['Name']) ?>" method="post">
                <fieldset>
 <?php
 if (isset($_REQUEST['comment']) && check_token()) {
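Review bot: The action attribute on the `+` line still has no output escaping, and its value is now derived from `$row['Name']` rather than a fixed string, so it depends entirely on get_pkg_uri() percent-encoding the package name and on the allowed name charset; escaping at the output site keeps the template safe regardless: `<form action="<?= htmlspecialchars(get_pkg_uri($row['Name']), ENT_QUOTES) ?>" method="post">`. Whether get_pkg_uri() itself applies rawurlencode() is not visible here and should be checked at its definition. The old REQUEST_URI value also carried any query string of the current page, which the new fixed package URI does not; the handler directly below only reads `$_REQUEST['comment']` and check_token(), so this looks harmless, but the enclosing template continues past the hunk.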
-- 
1.8.0
