/** * Verify Friendly URL * Ensures the requested URL was in the correct format according to the * friendlyurl option. If not, throw a 301 to the correct route. */ public function assertFriendlyUrl() { // API don't need to redirect if (defined('VB_API') and VB_API === true) { return; } // Only redirect on GET if ('GET' != $_SERVER['REQUEST_METHOD']) { return; } // If this route isn't valid then we'll be 404'ing anyway if (!$this->isValid()) { return; } // If we don't have an entry path then there's nothing to do if (!($request_path = vB_Router::getEntryPath())) { return; } // Allow hooks to handle non canonical urls ($hook = vBulletinHook::fetch_hook('friendlyurl_redirect_canonical_route')) ? eval($hook) : false; // Check if we should be enforcing the canonical url if (vB_Friendly_Url::CANON_OFF == vB::$vbulletin->options['friendlyurl_canonical']) { return; } // Only redirect guests and search engines if (vB::$vbulletin->userinfo['userid'] and !vB::$vbulletin->options['friendlyurl_canonical_registered']) { return; } // Get the canonical path if (!isset($canonical_path)) { $canonical_path = $this->getRoutePath(false, vB_Friendly_Url::CANON_STRICT == vB::$vbulletin->options['friendlyurl_canonical'], true); } // Whether the request was canonical $canonical = true; // If no route path is specified then only rewrite can differ if ($request_path == VB_ROUTER_SEGMENT) { //This looks like a bug. The second "==" should be an "AND". This is based on the fact that how its written doesn't //make a lot of sense and the behavior with the change is more consistant. However its a bug with senority at this //point and fixing it will change how urls behave. For the time being leaving it alone is better than the risk of //changing it. if ((FRIENDLY_URL == FRIENDLY_URL_REWRITE) == (vB::$vbulletin->options['friendlyurl'] == FRIENDLY_URL_REWRITE)) { return; } } // Check the Friendly URL method if (FRIENDLY_URL !== intval(vB::$vbulletin->options['friendlyurl'])) { $canonical = false; } // Check URI if ($canonical and vB_Friendly_URL::CANON_STRICT == vB::$vbulletin->options['friendlyurl_canonical']) { if ($request_path != $canonical_path) { // request may have been in the current charset, try utf-8 $request_path = to_utf8($request_path, vB::$vbulletin->userinfo['lang_charset']); if ($request_path != $canonical_path) { $canonical = false; } } } // Redirect if incorrect if (!$canonical) { // Get the raw redirect url $url = $this->getCurrentURL(null, null, '', false, true); // add any query vars $vars = $_GET; unset($vars[vB::$vbulletin->options['route_requestvar']]); unset($vars['pagenumber']); // Remove duplicate created by shortvar code if (!empty($vars)) { $url .= (strpos($url, '?') ? '&' : '?') . urlimplode($vars, false, true); } //do a quick check to ensure that we aren't trying to redirect to the url //we came in on. This is needed primarily because of a special case where the //friendly url logic doesn't correctly detect the rewrite URL version of the //incoming link and will attempt to redirect because they don't match. $url = create_full_url($url); $cleaned_url = vB::$vbulletin->input->xss_clean(vB::$vbulletin->input->strip_sessionhash($url)); $cleaned_url = $this->domain_to_lower($cleaned_url); //if ($url != VB_URL_CLEAN) if (urldecode($cleaned_url) != urldecode($this->domain_to_lower(VB_URL_CLEAN))) { // redirect to the canonical url exec_header_redirect($url, 301); } } }
/** * Verify Friendly URL * Ensures the requested URL was in the correct format according to the * friendlyurl option. If not, throw a 301 to the correct route. */ public function assertFriendlyUrl() { // Only redirect on GET if ('GET' != $_SERVER['REQUEST_METHOD']) { return; } // If this route isn't valid then we'll be 404'ing anyway if (!$this->isValid()) { return; } // If we don't have an entry path then there's nothing to do if (!($request_path = vB_Router::getEntryPath())) { return; } // Allow hooks to handle non canonical urls ($hook = vBulletinHook::fetch_hook('friendlyurl_redirect_canonical_route')) ? eval($hook) : false; // Check if we should be enforcing the canonical url if (vB_Friendly_Url::CANON_OFF == vB::$vbulletin->options['friendlyurl_canonical']) { return; } // Only redirect guests and search engines if (vB::$vbulletin->userinfo['userid'] AND !vB::$vbulletin->options['friendlyurl_canonical_registered']) { return; } // Get the canonical path if (!isset($canonical_path)) { $canonical_path = $this->getRoutePath(false, (vB_Friendly_Url::CANON_STRICT == vB::$vbulletin->options['friendlyurl_canonical']), true); } // Whether the request was canonical $canonical = true; // If no route path is specified then only rewrite can differ if ($request_path == VB_ROUTER_SEGMENT) { if ((FRIENDLY_URL == FRIENDLY_URL_REWRITE) == (vB::$vbulletin->options['friendlyurl'] == FRIENDLY_URL_REWRITE)) { return; } } // Check the Friendly URL method if (FRIENDLY_URL !== intval(vB::$vbulletin->options['friendlyurl'])) { $canonical = false; } // Check URI if ($canonical AND (vB_Friendly_URL::CANON_STRICT == vB::$vbulletin->options['friendlyurl_canonical'])) { if ($request_path != $canonical_path) { // request may have been in the current charset, try utf-8 $request_path = to_utf8($request_path, vB::$vbulletin->userinfo['lang_charset']); if ($request_path != $canonical_path) { $canonical = false; } } } // Redirect if incorrect if (!$canonical) { // Get the raw redirect url $url = $this->getCurrentURL(null, null, '', false, true); // add any query vars $vars = $_GET; unset($vars[vB::$vbulletin->options['route_requestvar']]); if (!empty($vars)) { $url .= (strpos($url, '?') ? '&' : '?') . urlimplode($vars, false, true); } // redirect to the canonical url exec_header_redirect($url, 301); } }