fanbinit/rhymix
1
0
Fork 0
mirror of https://github.com/Lastorder-DC/rhymix.git synced 2026-05-10 04:24:14 +09:00
Code Issues Projects Releases Packages Wiki Activity

fix #1732 SSO 처리 시 대상 사이트의 주소 검증과정 추가

Browse source
This commit is contained in:
bnu 2015-09-04 15:01:05 +09:00
parent 068ce27fb8
commit f26f122f17
1 changed files with 11 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

11
classes/context/Context.class.php
View file

@ -666,9 +666,20 @@ class Context
{ {
$url = base64_decode(self::get('default_url')); $url = base64_decode(self::get('default_url'));
$url_info = parse_url($url); $url_info = parse_url($url);
$oModuleModel = getModel('module');
$site_info = $oModuleModel->getSiteInfoByDomain($url_info['host']);
if(!$site_info->site_srl) {
$oModuleObject = new ModuleObject();
$oModuleObject->stop('msg_invalid_request');
return false;
}
$url_info['query'].= ($url_info['query'] ? '&' : '') . 'SSOID=' . session_id(); $url_info['query'].= ($url_info['query'] ? '&' : '') . 'SSOID=' . session_id();
$redirect_url = sprintf('%s://%s%s%s?%s', $url_info['scheme'], $url_info['host'], $url_info['port'] ? ':' . $url_info['port'] : '', $url_info['path'], $url_info['query']); $redirect_url = sprintf('%s://%s%s%s?%s', $url_info['scheme'], $url_info['host'], $url_info['port'] ? ':' . $url_info['port'] : '', $url_info['path'], $url_info['query']);
header('location:' . $redirect_url); header('location:' . $redirect_url);
return FALSE; return FALSE;
} }
// for sites requesting SSO validation // for sites requesting SSO validation