1 $NetBSD: patch-al,v 1.1 2010/03/04 16:00:37 taca Exp $
3 --- functions/auth.php.orig 2009-08-12 17:19:16.000000000 +0900
5 @@ -63,13 +63,13 @@ function is_logged_in() {
6 if ($check_referrer == '###DOMAIN###') $check_referrer = $domain;
7 if (!empty($check_referrer)) {
8 $ssl_check_referrer = 'https://' . $check_referrer;
9 - $check_referrer = 'http://' . $check_referrer;
10 + $plain_check_referrer = 'http://' . $check_referrer;
12 if (!sqgetGlobalVar('HTTP_REFERER', $referrer, SQ_SERVER)) $referrer = '';
13 if (sqsession_is_registered('user_is_logged_in')
14 && (!$check_referrer || empty($referrer)
15 || ($check_referrer && !empty($referrer)
16 - && (strpos(strtolower($referrer), strtolower($check_referrer)) === 0
17 + && (strpos(strtolower($referrer), strtolower($plain_check_referrer)) === 0
18 || strpos(strtolower($referrer), strtolower($ssl_check_referrer)) === 0)))) {