Beispiel #1
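     // Check that the request's Referer matches the URI registered for this user
     // link. Both values are cut at the first '?' so only the part before the
     // query string is compared.
     //
     // The '?' position is recomputed here so that the test and the substr()
     // below read the same variable: the original tested $pos_user_link_URI but
     // cut with $pos_user_link_uri, and PHP variable names are case-sensitive.
     $registered_uri = isset($row['URI']) ? (string) $row['URI'] : '';
     $pos_user_link_uri = strpos($registered_uri, '?');
     if ($pos_user_link_uri > 0) {
         $user_link_uri = substr($registered_uri, 0, $pos_user_link_uri);
     } else {
         $user_link_uri = $registered_uri;
     }

     // The Referer header is optional and supplied by the client; a missing
     // header is handled as an empty string instead of an undefined index.
     $referer_header = isset($_SERVER['HTTP_REFERER']) ? (string) $_SERVER['HTTP_REFERER'] : '';
     $pos_referer_uri = strpos($referer_header, '?');
     if ($pos_referer_uri > 0) {
         $referer_uri = substr($referer_header, 0, $pos_referer_uri);
     } else {
         $referer_uri = $referer_header;
     }

     // guideline id must be given if the request is to check referer URI
     if (!isset($_GET['gid'])) {
         $msg->addError('EMPTY_GID');
     } elseif (!is_string($_GET['gid'])) {
         // A query parameter can arrive as an array; an abbreviation is one string.
         $msg->addError('INVALID_GID');
     } else {
         $grow = $guidelinesDAO->getGuidelineByAbbr($_GET['gid']);
         // The code after this block reads $grow[0], so an empty result is
         // rejected here as well as a non-array one.
         if (!is_array($grow) || !isset($grow[0])) {
             $msg->addError('INVALID_GID');
         }
     }

     // An empty needle makes stristr() return the whole haystack on PHP 8, which
     // would let any Referer pass; empty values therefore count as a mismatch.
     // stripos() === false also avoids treating a matched tail of "0" as falsy.
     // NOTE(review): this is a case-insensitive substring test on a header the
     // client controls, so it is a consistency check, not an access control.
     // Confirm whether a prefix or exact comparison was intended.
     if ($user_link_uri === '' || $referer_uri === '' || stripos($referer_uri, $user_link_uri) === false) {
         $msg->addError('REFERER_URI_NOT_MATCH');
     }

     // Compare ids as strings so that loose numeric juggling ("1e1" == "10")
     // cannot make two different ids look equal. When no user is logged in this
     // check is skipped and only the Referer comparison above applies.
     if (isset($_SESSION['user_id']) && (string) $_SESSION['user_id'] !== (string) $row['user_id']) {
         $msg->addError('USER_NOT_MATCH');
     }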
 }
 if (!$msg->containsErrors()) {
     $_POST['validate_uri'] = 1;
     $_POST['uri'] = $_SERVER['HTTP_REFERER'];
     $_gids = array($grow[0]['guideline_id']);