inc/modules/loader.php

   1 <?php
   2 /************************************************************************
   3  * Mailer v0.2.1-FINAL                                Start: 10/29/2003 *
   4  * ===================                          Last change: 04/17/2004 *
   5  *                                                                      *
   6  * -------------------------------------------------------------------- *
   7  * File              : loader.php                                       *
   8  * -------------------------------------------------------------------- *
   9  * Short description : De-referrer page                                 *
  10  * -------------------------------------------------------------------- *
  11  * Kurzbeschreibung  : Referrer neu setzen                              *
  12  * -------------------------------------------------------------------- *
  13  * $Revision::                                                        $ *
  14  * $Date::                                                            $ *
  15  * $Tag:: 0.2.1-FINAL                                                 $ *
  16  * $Author::                                                          $ *
  17  * -------------------------------------------------------------------- *
  18  * Copyright (c) 2003 - 2009 by Roland Haeder                           *
  19  * Copyright (c) 2009 - 2012 by Mailer Developer Team                   *
  20  * For more information visit: http://mxchange.org                      *
  21  *                                                                      *
  22  * This program is free software; you can redistribute it and/or modify *
  23  * it under the terms of the GNU General Public License as published by *
  24  * the Free Software Foundation; either version 2 of the License, or    *
  25  * (at your option) any later version.                                  *
  26  *                                                                      *
  27  * This program is distributed in the hope that it will be useful,      *
  28  * but WITHOUT ANY WARRANTY; without even the implied warranty of       *
  29  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the        *
  30  * GNU General Public License for more details.                         *
  31  *                                                                      *
  32  * You should have received a copy of the GNU General Public License    *
  33  * along with this program; if not, write to the Free Software          *
  34  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,               *
  35  * MA  02110-1301  USA                                                  *
  36  ************************************************************************/
  37
  38 // Some security stuff...
  39 if (!defined('__SECURITY')) {
  40         exit();
  41 } // END - if
  42
  43 // Is an URL specified?
  44 if ((isGetRequestElementSet('url')) && (isGetRequestElementSet('hash')) && (isGetRequestElementSet('salt'))) {
  45         // Decode URL
  46         $decodedUrl = decodeString(str_replace(' ', '+', compileUriCode(urldecode(getRequestElement('url')))));
  47
  48         // Debug message
  49         //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'decodedUrl=' . $decodedUrl . ',hash=' . getRequestElement('hash'));
  50
  51         // Generate hash for comparing it
  52         $hash = encodeHashForCookie(generateHash($decodedUrl . getSiteKey() . getDateKey(), getRequestElement('salt')));
  53
  54         // Debug message
  55         //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'decodedUrl=' . $decodedUrl . ',hash=' . $hash);
  56
  57         // Validate the URL and hash
  58         if ($hash != getRequestElement('hash')) {
  59                 // Hash doesn't match
  60                 displayMessage('{--LOADER_SECURITY_HASH_MISMATCH--}');
  61
  62                 // Log this event
  63                 logDebugMessage(__FILE__, __LINE__, 'Hash ' . getRequestElement('hash') . ' does not match URL ' . $decodedUrl);
  64         } elseif (isUrlValid($decodedUrl)) {
  65                 // Generate a JavaScript that redirects us
  66                 loadTemplate('loader', FALSE, $decodedUrl);
  67         } else {
  68                 // URL invalid
  69                 redirectToUrl('modules.php?module=index');
  70         }
  71 } else {
  72         // Is the hash not provided?
  73         if (!isGetRequestElementSet('hash')) {
  74                 // Very old (external!) call
  75                 logDebugMessage(__FUNCTION__, __LINE__, 'Possible old call on loader.php detected. Redirecting to index.php anyway ...');
  76         } // END - if
  77
  78         // Invalid or no URL entered!
  79         redirectToUrl('modules.php?module=index');
  80 }
  81
  82 // [EOF]
  83 ?>