diff --git a/mod/profile_photo.php b/mod/profile_photo.php index ee4f35f200..19188ba23e 100644 --- a/mod/profile_photo.php +++ b/mod/profile_photo.php @@ -126,7 +126,7 @@ function profile_photo_post(App $a) info(L10n::t('Shift-reload the page or clear browser cache if the new photo does not display immediately.') . EOL); // Update global directory in background if ($path && strlen(Config::get('system', 'directory'))) { - Worker::add(PRIORITY_LOW, "Directory", $path); + Worker::add(PRIORITY_LOW, "Directory", $a->getBaseURL() . '/' . $path); } Worker::add(PRIORITY_LOW, 'ProfileUpdate', local_user()); diff --git a/mod/randprof.php b/mod/randprof.php index 4da149afdc..055b3dcbe8 100644 --- a/mod/randprof.php +++ b/mod/randprof.php @@ -13,7 +13,13 @@ function randprof_init(App $a) $x = GContact::getRandomUrl(); if ($x) { - $a->internalRedirect(Contact::magicLink($x)); + $link = Contact::magicLink($x); + // @TODO making the return of magicLink save to use either externalRedirect or internalRedirect + if (filter_var($link, FILTER_VALIDATE_URL)) { + System::externalRedirect($link); + } else { + $a->internalRedirect($link); + } } $a->internalRedirect('profile'); diff --git a/src/Model/Contact.php b/src/Model/Contact.php index 343340800d..1a5c97834a 100644 --- a/src/Model/Contact.php +++ b/src/Model/Contact.php @@ -2024,6 +2024,8 @@ class Contact extends BaseObject /** * @brief Returns a magic link to authenticate remote visitors * + * @todo check if the return is either a fully qualified URL or a relative path to Friendica basedir + * * @param string $contact_url The address of the target contact profile * @param string $url An url that we will be redirected to after the authentication *