Index: /branches/rel/html/frontparts/login_check.php
===================================================================
--- /branches/rel/html/frontparts/login_check.php (revision 15071)
+++ /branches/rel/html/frontparts/login_check.php (revision 15314)
@@ -34,5 +34,5 @@
$objCookie->setCookie('login_email', '');
}
-
+
if(count($arrErr) == 0) {
if($objCustomer->getCustomerDataFromEmailPass($arrForm['login_pass'], $arrForm['login_email'])) {
@@ -43,5 +43,5 @@
$where = "email ILIKE ? AND status = 1 AND del_flg = 0";
$ret = $objQuery->count("dtb_customer", $where, array($arrForm['login_email']));
-
+
if($ret > 0) {
sfDispSiteError(TEMP_LOGIN_ERROR);
@@ -64,5 +64,5 @@
header("Location: /mypage/login.php");
}else{
- header("Location: " . $_POST['url']);
+ header("Location: " . $_POST['url']);
}
exit;
@@ -81,18 +81,25 @@
/* POST¤µ¤ì¤ëURL¤Î¥Á¥§¥Ã¥¯*/
function lfIsValidURL() {
- $site_url = sfIsHTTPS() ? SSL_URL : SITE_URL;
- $check_url = trim($_POST['url']);
+ $arrValidUrl = array(SSL_URL, SITE_URL, '/');
+ $targetUrl = $_POST['url'];
- // ¥í¡¼¥«¥ë¥É¥á¥¤¥ó¥Á¥§¥Ã¥¯
- if (!preg_match("|^$site_url|", $check_url) && !preg_match("|^/|", $check_url)) {
+ // $arrValidUrl¤Ë¥Þ¥Ã¥Á¤·¤Ê¤¤¾ì¹ç¤ÏÉÔÀµ¤ÊURL
+ $match = false;
+ foreach ($arrValidUrl as $validUrl) {
+ $pattern = sprintf('/^%s/' , preg_quote($validUrl, '/'));
+ gfPrintLog($pattern . ':' . $targetUrl);
+ if ( preg_match($pattern, $targetUrl) ) {
+ $match = true;
+ break;
+ }
+ }
+ if (!$match) return false;
+
+ // ²þ¹Ô¥³¡¼¥É(CR¡¦LF)¡¦NULL¥Ð¥¤¥È¤ò´Þ¤à¾ì¹ç¤ÏÉÔÀµ¤ÊURL
+ $pattern = '/\r|\n|\0|%0D|%0A|%00/';
+ if (preg_match_all($pattern, $targetUrl, $matches)) {
return false;
}
-
- // ²þ¹Ô¥³¡¼¥É(CR¡¦LF)¡¦NULL¥Ð¥¤¥È¥Á¥§¥Ã¥¯
- $pattern = '/\r|\n|\0|%0D|%0A|%00/';
- if (preg_match_all($pattern, $check_url, $matches) > 0) {
- return false;
- }
-
+
return true;
}
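Review bot: The `gfPrintLog($pattern . ':' . $targetUrl);` call inside the foreach in lfIsValidURL looks like leftover debug output: it writes the raw `$_POST['url']` to the log once per candidate prefix, and it runs before the CR/LF/NUL check further down, so a value that check rejects has already been written to the log verbatim; drop the line, or move any logging after the `$pattern = '/\r|\n|\0|%0D|%0A|%00/'` test. Separately, the `'/'` entry in `$arrValidUrl` accepts any value beginning with `/`, which includes protocol-relative `//host/...` forms that browsers resolve off-site, so the prefix test alone does not pin the redirect to this site; a guard such as `if (substr($targetUrl, 0, 2) === '//') return false;` after the loop closes that gap (the same concern applies if SSL_URL/SITE_URL lack a trailing slash, since `^https://host` also matches `https://host.other`, but their values cannot be confirmed from this hunk). The second check only needs a boolean, so `if (preg_match($pattern, $targetUrl)) {` reads the same without the unused `$matches` argument, and `$targetUrl = $_POST['url'];` will raise a notice when the field is absent, so `$_POST['url'] ?? ''` (or an isset guard, depending on the PHP version this runs on) would be safer.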