- web: don't require that SECURE_URL_BASE be set,

or that it end with a / svn path=/trunk/boinc/; revision=22366
2010-09-15 23:47:49 +00:00 · 2010-09-15 23:47:49 +00:00 · d3e4c729e5
parent 2985faec3e
commit d3e4c729e5
6 changed files with 22 additions and 5 deletions
--- a/13
+++ b/13
@ -6625,3 +6625,16 @@ David  15 Sept 2010

    client/
        cs_benchmark.cpp
+
+David  15 Sept 2010
+    - web: don't require that SECURE_URL_BASE be set,
+        or that it end with a /
+
+    html/
+        inc/
+            user.inc
+            util.inc
+        user/
+            create_account_form.php
+            edit_email_form.php
+            login_form.php
--- a/html/inc/user.inc
+++ b/html/inc/user.inc
@ -209,7 +209,7 @@ function show_user_info_private($user) {
    row2(tra("Postal code"), $user->postal_code);
    row2(tra("%1 member since", PROJECT), date_str($user->create_time));
    $url_tokens = url_tokens($user->authenticator);
-    row2(tra("Change"), "<a href=\"edit_email_form.php\">".tra("email address")."</a> | <a href=\"".SECURE_URL_BASE."edit_passwd_form.php\">".tra("password")."</a> | <a href=\"edit_user_info_form.php?$url_tokens\">".tra("other account info")."</a>");
+    row2(tra("Change"), "<a href=\"edit_email_form.php\">".tra("email address")."</a> | <a href=\"".SECURE_URL_BASE."/edit_passwd_form.php\">".tra("password")."</a> | <a href=\"edit_user_info_form.php?$url_tokens\">".tra("other account info")."</a>");
    row2("", "<a href=\"logout.php?$url_tokens\">".tra("Log out")."</a>");
    row2(tra("User ID")."<br/><span class=\"note\">".tra("Used in community functions")."</span>", $user->id);
    if (!no_computing()) {
--- a/html/inc/util.inc
+++ b/html/inc/util.inc
@ -28,6 +28,10 @@ ini_set("memory_limit", "64M");

 date_default_timezone_set("UTC");

+if (!defined('SECURE_URL_BASE')) {
+    define('SECURE_URL_BASE', URL_BASE);
+}
+
 $generating_xml = false;
 $caching = false;

--- a/html/user/create_account_form.php
+++ b/html/user/create_account_form.php
@ -27,7 +27,7 @@ if (defined('SECURE_URL_BASE')
    && strstr(SECURE_URL_BASE, "https://")
    && !$_SERVER['HTTPS']
 ) {
-    Header("Location: ".SECURE_URL_BASE."create_account_form.php?next_url=$next_url");
+    Header("Location: ".SECURE_URL_BASE."/create_account_form.php?next_url=$next_url");
    exit;

 }
--- a/html/user/edit_email_form.php
+++ b/html/user/edit_email_form.php
@ -44,7 +44,7 @@ row2(tra("New email address").

 row2(
    tra("Password").
-    "<br><a href=".SECURE_URL_BASE."edit_passwd_form.php><font size=-2>".tra("No password?")."</font></a>",
+    "<br><a href=".SECURE_URL_BASE."/edit_passwd_form.php><font size=-2>".tra("No password?")."</font></a>",
    "<input type=password name=passwd>"
 );
 row2("", "<input type=submit value='".tra("Change email address")."'>");
--- a/html/user/login_form.php
+++ b/html/user/login_form.php
@ -25,7 +25,7 @@ if (defined('SECURE_URL_BASE')
    && strstr(SECURE_URL_BASE, "https://")
    && !$_SERVER['HTTPS']
 ) {
-    Header("Location: ".SECURE_URL_BASE."login_form.php?next_url=$next_url");
+    Header("Location: ".SECURE_URL_BASE."/login_form.php?next_url=$next_url");
    exit;

 }
@ -35,7 +35,7 @@ $user = get_logged_in_user(false);
 page_head("Log in");

 echo "
-    <form name=\"f\" method=\"post\" action=\"".SECURE_URL_BASE."login_action.php\">
+    <form name=\"f\" method=\"post\" action=\"".SECURE_URL_BASE."/login_action.php\">
    <input type=\"hidden\" name=\"next_url\" value=\"$next_url\">
 ";
 start_table();