From 12cb1277f6f069b1cf9d536f9add2cd7e62eace4 Mon Sep 17 00:00:00 2001
From: =?utf8?q?Roland=20H=C3=A4der?= <roland@mxchange.org>
Date: Sat, 3 Nov 2012 21:26:44 +0000
Subject: [PATCH] Fix for wrong SERVER_NAME usage (may cause trouble)

---
 inc/filter-functions.php |  1 +
 inc/filters.php          | 12 ++++++++++++
 inc/mysql-connect.php    | 33 ++-----------------------------
 inc/sql-functions.php    | 42 ++++++++++++++++++++++++++++++++++++++++
 mailid.php               |  2 +-
 5 files changed, 58 insertions(+), 32 deletions(-)

diff --git a/inc/filter-functions.php b/inc/filter-functions.php
index accd0c9475..4670227106 100644
--- a/inc/filter-functions.php
+++ b/inc/filter-functions.php
@@ -119,6 +119,7 @@ ORDER BY
 	registerFilter(__FUNCTION__, __LINE__, 'init', 'COUNT_MODULE');
 	registerFilter(__FUNCTION__, __LINE__, 'init', 'UPDATE_LOGIN_DATA');
 	registerFilter(__FUNCTION__, __LINE__, 'init', 'ACTIVATE_EXCHANGE');
+	registerFilter(__FUNCTION__, __LINE__, 'init', 'REDIRECT_WRONG_SERVER_NAME');
 
 	// Page headers - pre-filter (normally, you want to register here)
 	registerFilter(__FUNCTION__, __LINE__, 'pre_page_header', 'LOAD_PAGE_HEADER');
diff --git a/inc/filters.php b/inc/filters.php
index a4adfd44d6..ecfa95f269 100644
--- a/inc/filters.php
+++ b/inc/filters.php
@@ -1316,5 +1316,17 @@ function FILTER_HANDLE_REFERRER_BANNER_VIEW ($filterData) {
 	}
 }
 
+// Filter for redirecting on wrong server name (e.g. bad.your-server.tld will be redirected to your-server.tld)
+function FILTER_REDIRECT_WRONG_SERVER_NAME ($filterData) {
+	// Is the configured URL same as SERVER_NAME?
+	if (extractHostnameFromUrl(getUrl()) != detectServerName()) {
+		// Then redirect to configured URL
+		redirectToRequestUri();
+	} // END - if
+
+	// Return filter data
+	return $filterData;
+}
+
 // [EOF]
 ?>
diff --git a/inc/mysql-connect.php b/inc/mysql-connect.php
index df7a3d1751..77eb4bb074 100644
--- a/inc/mysql-connect.php
+++ b/inc/mysql-connect.php
@@ -109,37 +109,8 @@ if ((!isInstalling()) && (!isInstallationPhase())) {
 	// CSS array
 	initExtensionCssFiles();
 
-	if ((!empty($GLOBALS['mysql']['host'])) && (!empty($GLOBALS['mysql']['login'])) && (!empty($GLOBALS['mysql']['dbase']))) {
-		// Connect to DB
-		SQL_CONNECT($GLOBALS['mysql']['host'], $GLOBALS['mysql']['login'], $GLOBALS['mysql']['password'], __FILE__, __LINE__);
-
-		// Is the link valid?
-		if (SQL_IS_LINK_UP()) {
-			// Enable exit on error
-			enableExitOnError();
-
-			// Is it a valid resource?
-			if (SQL_SELECT_DB($GLOBALS['mysql']['dbase'], __FILE__, __LINE__) === TRUE) {
-				// Set database name (required for ext-optimize and ifSqlTableExists())
-				setConfigEntry('__DB_NAME', $GLOBALS['mysql']['dbase']);
-
-				// Remove MySQL array from namespace
-				unset($GLOBALS['mysql']);
-
-				// Load cache
-				loadIncludeOnce('inc/load_cache.php');
-			} else {
-				// Wrong database?
-				reportBug(__FILE__, __LINE__, 'Wrong database selected.');
-			}
-		} else {
-			// No link to database!
-			reportBug(__FILE__, __LINE__, 'Database link is not yet up.');
-		}
-	} else {
-		// Maybe you forgot to enter your database login?
-		reportBug(__FILE__, __LINE__, 'Database login is missing.');
-	}
+	// Initialize SQL link
+	initSqlLink();
 } else {
 	// Default output is 'direct' for HTML output
 	setConfigEntry('OUTPUT_MODE', 'direct');
diff --git a/inc/sql-functions.php b/inc/sql-functions.php
index 069f459d93..c1840fa1bc 100644
--- a/inc/sql-functions.php
+++ b/inc/sql-functions.php
@@ -218,5 +218,47 @@ function getInsertSqlFromArray ($array, $tableName) {
 	return $SQL;
 }
 
+// Initializes the SQL link by bringing it up if set
+function initSqlLink () {
+	// Do this only if link is down
+	assert(!SQL_IS_LINK_UP());
+
+	// Is the configuration data set?
+	if ((!empty($GLOBALS['mysql']['host'])) && (!empty($GLOBALS['mysql']['login'])) && (!empty($GLOBALS['mysql']['dbase']))) {
+		// Remove cache
+		unset($GLOBALS['is_sql_link_up']);
+
+		// Connect to DB
+		SQL_CONNECT($GLOBALS['mysql']['host'], $GLOBALS['mysql']['login'], $GLOBALS['mysql']['password'], __FILE__, __LINE__);
+
+		// Is the link valid?
+		if (SQL_IS_LINK_UP()) {
+			// Enable exit on error
+			enableExitOnError();
+
+			// Is it a valid resource?
+			if (SQL_SELECT_DB($GLOBALS['mysql']['dbase'], __FILE__, __LINE__) === TRUE) {
+				// Set database name (required for ext-optimize and ifSqlTableExists())
+				setConfigEntry('__DB_NAME', $GLOBALS['mysql']['dbase']);
+
+				// Remove MySQL array from namespace
+				unset($GLOBALS['mysql']);
+
+				// Load cache
+				loadIncludeOnce('inc/load_cache.php');
+			} else {
+				// Wrong database?
+				reportBug(__FILE__, __LINE__, 'Wrong database selected.');
+			}
+		} else {
+			// No link to database!
+			reportBug(__FILE__, __LINE__, 'Database link is not yet up.');
+		}
+	} else {
+		// Maybe you forgot to enter your database login?
+		reportBug(__FILE__, __LINE__, 'Database login is missing.');
+	}
+}
+
 // [EOF]
 ?>
diff --git a/mailid.php b/mailid.php
index 289ac310cd..784bd996b4 100644
--- a/mailid.php
+++ b/mailid.php
@@ -183,7 +183,7 @@ if ((isValidUserId($userId)) && (($mailId > 0) || ($bonusId > 0)) && (!ifFatalEr
 					if ($isValid === TRUE) {
 						// If time is zero seconds we have a sponsor mail. 1 Second shall be set to avoid problems
 						if (($time == '0') && ($payment > 0)) { 
-							$url = getUrl();
+							$url  = getUrl();
 							$time = 1; 
 						} // END - if
 
-- 
2.30.2