Trim regexps to avoid the 'baldelx' effect.

author Florent Bruneau <florent.bruneau@polytechnique.org>

Tue, 2 Dec 2008 18:07:56 +0000 (19:07 +0100)

committer Florent Bruneau <florent.bruneau@polytechnique.org>

Tue, 2 Dec 2008 18:07:56 +0000 (19:07 +0100)
author Florent Bruneau <florent.bruneau@polytechnique.org>
Tue, 2 Dec 2008 18:07:56 +0000 (19:07 +0100)
committer Florent Bruneau <florent.bruneau@polytechnique.org>
Tue, 2 Dec 2008 18:07:56 +0000 (19:07 +0100)
diff --git a/modules/auth.php b/modules/auth.php

index 6ac8b9a..5b9748f 100644 (file)
--- a/modules/auth.php
+++ b/modules/auth.php
@@ -163,7 +163,8 @@ class AuthModule extends PLModule
  
          while (list($privkey,$name,$datafields,$returnurls) = $res->next()) {
              if (md5($gpex_challenge.$privkey) == $gpex_pass) {
-                if ($returnurls == "" || @preg_match($returnurls, $gpex_url)) {
+                $returnurls = trim($returnurls);
+                if (empty($returnurls) || @preg_match($returnurls, $gpex_url)) {
                      $returl = $gpex_url . gpex_make_params($gpex_challenge, $privkey, $datafields, $charset);
                      http_redirect($returl);
                  }
author	Florent Bruneau <florent.bruneau@polytechnique.org>
	Tue, 2 Dec 2008 18:07:56 +0000 (19:07 +0100)
committer	Florent Bruneau <florent.bruneau@polytechnique.org>
	Tue, 2 Dec 2008 18:07:56 +0000 (19:07 +0100)