diff options
| author | Scott Ullrich <sullrich@pfsense.org> | 2007-11-19 00:05:46 +0000 |
|---|---|---|
| committer | Scott Ullrich <sullrich@pfsense.org> | 2007-11-19 00:05:46 +0000 |
| commit | 2d78c5521d380501feb43aa24b985d5a0a6ed7b0 (patch) | |
| tree | 96d757eaaf5180a5d9652bd05c1cc58bae827999 /etc/inc/authgui.inc | |
| parent | 1351991d370c9cad1cca6abf4b829cb21e21b255 (diff) | |
| download | pfsense-2d78c5521d380501feb43aa24b985d5a0a6ed7b0.zip pfsense-2d78c5521d380501feb43aa24b985d5a0a6ed7b0.tar.gz | |
Correctly check for page names by including .php. Strip off / if found so that we can get an exact page match against the URL. My test diagnostics user now works.
Diffstat (limited to 'etc/inc/authgui.inc')
| -rw-r--r-- | etc/inc/authgui.inc | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/etc/inc/authgui.inc b/etc/inc/authgui.inc index 3f15e13..9e83157 100644 --- a/etc/inc/authgui.inc +++ b/etc/inc/authgui.inc @@ -95,7 +95,7 @@ if (!(isSystemAdmin($HTTP_SERVER_VARS['AUTH_USER']))) { * page, set $home to that page instead. */ if (isset($_POST['scriptname']) && $_POST['scriptname'] <> "/" && $_POST['scriptname'] <> "/index.php") { - $home = str_replace('.php', '', basename($_POST['scriptname'])); + $home = str_replace('/', '', basename($_POST['scriptname'])); $pagereq = $home; } @@ -104,7 +104,7 @@ if (!(isSystemAdmin($HTTP_SERVER_VARS['AUTH_USER']))) { //if ($_SERVER['SCRIPT_NAME'] == '/') // $_SERVER['SCRIPT_NAME'] = $home; if ($pagereq == "") - $pagereq = str_replace('.php', '', basename($_SERVER['SCRIPT_NAME'])); + $pagereq = str_replace('/', '', basename($_SERVER['SCRIPT_NAME'])); // Strip the leading / from the currently requested PHP page if (!in_array($pagereq,$allowed) && !in_array("ANY", $allowed)) { |
