From: Gonzalo Merayo Date: Thu, 9 Oct 2003 12:57:57 +0000 (+0000) Subject: Login redirige cualquier cosa con redirect X-Git-Tag: svn_import~117 X-Git-Url: https://git.llucax.com/mecon/intranet.git/commitdiff_plain/8a77d0b3c6347150fe4ac26aeb17b738e91351dc?ds=inline Login redirige cualquier cosa con redirect --- diff --git a/sistema/www/login.php b/sistema/www/login.php index ca3c860..f78827c 100644 --- a/sistema/www/login.php +++ b/sistema/www/login.php @@ -78,22 +78,15 @@ if(isset($_SESSION['usuario']) && (isset($_POST['redirect']) || isset($_GET['redirect']))) { - if((isset($_GET['redirect']) && $_GET['redirect'] == 'sistemas') || - (isset($_POST['redirect']) && $_POST['redirect'] == 'sistemas')) - { - header('location: sistemas.php'); - exit; - } + @ $redirect = $_GET['redirect'].$_POST['redirect']; + $db = DB::Connect('mysql://intranet:intranet@bal747f/intranet'); + $query = "SELECT link + FROM servicio + WHERE servicio = $redirect"; + $link = $db->getOne($query); + if(PEAR::isError($link)) + header('location: '.$redirect); else - { - $db = DB::Connect('mysql://intranet:intranet@bal747f/intranet'); - $query = "SELECT link - FROM servicio - WHERE servicio = "; - if(isset($_POST['redirect'])) $query .= $_POST['redirect']; - else $query .= $_GET['redirect']; - $link = $db->getOne($query); header('location: '.$link); - } } ?>