<?php
/**
*
* @copyright http://www.xoops.org/ The XOOPS Project
* @copyright XOOPS_copyrights.txt
* @copyright http://www.impresscms.org/ The ImpressCMS Project
* @license http://www.gnu.org/licenses/old-licenses/gpl-2.0.html GNU General Public License (GPL)
* @package core
* @since XOOPS
* @author http://www.xoops.org The XOOPS Project
* @author Sina Asghari (aka stranger) <[email protected]>
* @version $Id: session_confirm.php 21047 2011-03-14 15:52:14Z m0nty_ $
*/
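include "mainfile.php";

// Security check: this page is only meaningful when a pending request URI has been
// stored in the session (presumably by the auto-login handler; confirm against the caller).
if (!isset($_SESSION['AUTOLOGIN_REQUEST_URI'])) exit;

// Read the stored URI and clear it so it can be consumed only once.
$url = $_SESSION['AUTOLOGIN_REQUEST_URI'];
unset($_SESSION['AUTOLOGIN_REQUEST_URI']);

// The value ends up in a form action, a meta refresh and a link, so it is validated
// as a redirect target before any output is produced.
if (!is_string($url)) exit;
// Control characters have no place in a redirect target and make scheme checks unreliable.
if (preg_match('/[\x00-\x1f\x7f]/', $url)) exit;
if (preg_match('/javascript:/si', $url)) exit; // original deny-list entry, kept as a second check
// A deny-list of one scheme is fragile: if the value names a scheme at all, accept only
// http and https. Scheme-less (relative or absolute-path) values pass unchanged.
if (preg_match('/^\s*([a-z][a-z0-9+.\-]*):/i', $url, $scheme_match)
    && !in_array(strtolower($scheme_match[1]), array('http', 'https'), true)) exit;
// NOTE(review): absolute http(s) URLs pointing at other hosts are still accepted here.
// If the stored value is always a same-site request URI, restrict it to the site's own
// origin to rule out open redirects.

// NOTE(review): as written this replaces '&' with '&', i.e. it changes nothing, so the
// value used below is simply the HTML-escaped URL. Confirm against upstream whether a
// different pattern was intended; un-escaping after htmlspecialchars() would weaken it.
$url4disp = preg_replace("/&/i", '&', htmlspecialchars($url, ENT_QUOTES));

// NOTE(review): $icmsConfig['sitename'] is echoed into <title> as stored. Presumably it is
// admin-controlled configuration; confirm it cannot carry markup.
if (isset($_SESSION['AUTOLOGIN_POST'])) {
    // Posting confirmation: rebuild the saved POST data as hidden fields and let the
    // visitor re-submit it to the original URL.
    $old_post = $_SESSION['AUTOLOGIN_POST'];
    unset($_SESSION['AUTOLOGIN_POST']);
    $hidden_str = '' ;

    // Saved POST data may contain nested arrays (fields named like "name[key]").
    // htmlspecialchars() accepts only strings, so nested values are flattened into
    // bracketed field names instead of being passed to it directly.
    $pending = array();
    if (is_array($old_post)) {
        foreach ($old_post as $k => $v) {
            $pending[] = array((string) $k, $v);
        }
    }
    while (!empty($pending)) {
        list($field_name, $field_value) = array_shift($pending);
        if (is_array($field_value)) {
            $children = array();
            foreach ($field_value as $sub_key => $sub_value) {
                $children[] = array($field_name.'['.$sub_key.']', $sub_value);
            }
            // Put the children at the front so the original field order is kept.
            $pending = array_merge($children, $pending);
            continue;
        }
        // Anything that is neither scalar nor null cannot be represented as a form field.
        if (!is_scalar($field_value) && $field_value !== null) continue;
        $hidden_str .= "\t".' <input type="hidden" name="'.htmlspecialchars($field_name,ENT_QUOTES).'" value="'.htmlspecialchars((string) $field_value,ENT_QUOTES).'" />'."\n" ;
    }

    echo '<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset='._CHARSET.'" />
<title>'.$icmsConfig['sitename'].'</title>
</head>
<body>
<div style="text-align:center; background-color: #EBEBEB; border-top: 1px solid #FFFFFF; border-left: 1px solid #FFFFFF; border-right: 1px solid #AAAAAA; border-bottom: 1px solid #AAAAAA; font-weight : bold;">
<h4>'._RETRYPOST.'</h4>
<form action="'.$url4disp.'" method="POST">
'.$hidden_str.'
<input type="submit" name="timeout_repost" value="'._SUBMIT.'" />
</form>
</div>
</body>
</html>
' ;
    exit ;
} else {
    // No saved POST data: send the visitor back to the stored URL via a meta refresh
    // after $time seconds, with a fallback message built from _IFNOTRELOAD.
    $time = 1 ;
    // $message = empty( $message ) ? _TAKINGBACK : $message ;
    $message = _TAKINGBACK ;
    echo '<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset='._CHARSET.'" />
<meta http-equiv="Refresh" content="'.$time.'; url='.$url4disp.'" />
<title>'.$icmsConfig['sitename'].'</title>
</head>
<body>
<div style="text-align:center; background-color: #EBEBEB; border-top: 1px solid #FFFFFF; border-left: 1px solid #FFFFFF; border-right: 1px solid #AAAAAA; border-bottom: 1px solid #AAAAAA; font-weight : bold;">
<h4>'.$message.'</h4>
<p>'.sprintf(_IFNOTRELOAD, $url4disp).'</p>
</div>
</body>
</html>
' ;
    exit ;
}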