Forcing redirect to application's domain if mismatching
authorAlexander Ebert <ebert@woltlab.com>
Wed, 12 Jun 2013 17:27:45 +0000 (19:27 +0200)
committerAlexander Ebert <ebert@woltlab.com>
Wed, 12 Jun 2013 17:27:45 +0000 (19:27 +0200)
wcfsetup/install/files/lib/system/request/RequestHandler.class.php

index 2fb25bff348fa9176ac4e9ad6bcc75f154f3d6fd..8c729f1a0977f598d335869b409f79327b842265 100644 (file)
@@ -7,6 +7,7 @@ use wcf\system\exception\SystemException;
 use wcf\system\menu\page\PageMenu;
 use wcf\system\SingletonFactory;
 use wcf\system\WCF;
+use wcf\util\FileUtil;
 use wcf\util\HeaderUtil;
 use wcf\util\StringUtil;
 
@@ -121,6 +122,27 @@ class RequestHandler extends SingletonFactory {
                                }
                        }
                        
+                       // check if accessing from the wrong domain (e.g. "www." omitted but domain was configured with)
+                       $applicationObject = ApplicationHandler::getInstance()->getApplication($application);
+                       if ($applicationObject->domainName != $_SERVER['HTTP_HOST']) {
+                               // build URL, e.g. http://example.net/forum/
+                               $url = FileUtil::addTrailingSlash(RouteHandler::getProtocol() . $applicationObject->domainName . RouteHandler::getPath());
+                               
+                               // add path info, e.g. index.php/Board/2/
+                               $pathInfo = RouteHandler::getPathInfo();
+                               if (!empty($pathInfo)) {
+                                       $url .= 'index.php' . $pathInfo;
+                               }
+                               
+                               // query string, e.g. ?foo=bar
+                               if (!empty($_SERVER['QUERY_STRING'])) {
+                                       $url .= '?' . $_SERVER['QUERY_STRING'];
+                               }
+                               
+                               HeaderUtil::redirect($url, true);
+                               exit;
+                       }
+                       
                        $controller = $routeData['controller'];
                        
                        // validate class name