ZRL: Simplify the code structure

This commit is contained in:
Michael 2021-12-08 20:23:07 +00:00
parent f1d6e7ebb4
commit 0844e3f8a6

View file

@ -600,29 +600,27 @@ class App
} }
// ZRL // ZRL
if (!empty($_GET['zrl']) && $this->mode->isNormal() && !$this->mode->isBackend()) { if (!empty($_GET['zrl']) && $this->mode->isNormal() && !$this->mode->isBackend() && !local_user()) {
if (!local_user()) { // Only continue when the given profile link seems valid
// Only continue when the given profile link seems valid // Valid profile links contain a path with "/profile/" and no query parameters
// Valid profile links contain a path with "/profile/" and no query parameters if ((parse_url($_GET['zrl'], PHP_URL_QUERY) == "") &&
if ((parse_url($_GET['zrl'], PHP_URL_QUERY) == "") && strstr(parse_url($_GET['zrl'], PHP_URL_PATH), "/profile/")) {
strstr(parse_url($_GET['zrl'], PHP_URL_PATH), "/profile/")) { if (Core\Session::get('visitor_home') != $_GET["zrl"]) {
if (Core\Session::get('visitor_home') != $_GET["zrl"]) { Core\Session::set('my_url', $_GET['zrl']);
Core\Session::set('my_url', $_GET['zrl']); Core\Session::set('authenticated', 0);
Core\Session::set('authenticated', 0);
$remote_contact = Contact::getByURL($_GET['zrl'], false, ['subscribe']); $remote_contact = Contact::getByURL($_GET['zrl'], false, ['subscribe']);
if (!empty($remote_contact['subscribe'])) { if (!empty($remote_contact['subscribe'])) {
$_SESSION['remote_comment'] = $remote_contact['subscribe']; $_SESSION['remote_comment'] = $remote_contact['subscribe'];
}
} }
Model\Profile::zrlInit($this);
} else {
// Someone came with an invalid parameter, maybe as a DDoS attempt
// We simply stop processing here
$this->logger->debug('Invalid ZRL parameter.', ['zrl' => $_GET['zrl']]);
throw new HTTPException\ForbiddenException();
} }
Model\Profile::zrlInit($this);
} else {
// Someone came with an invalid parameter, maybe as a DDoS attempt
// We simply stop processing here
$this->logger->debug('Invalid ZRL parameter.', ['zrl' => $_GET['zrl']]);
throw new HTTPException\ForbiddenException();
} }
} }