Merge branch 'master' of github.com:Elgg/Elgg

author: Brett Profitt <brett.profitt@gmail.com> 2011-06-18 19:56:33 -0400
committer: Brett Profitt <brett.profitt@gmail.com> 2011-06-18 19:56:33 -0400
commit: ec7b94a64aef23b85866ecdac8e8acc712d29bb6 (patch)
tree: a108205c3fa0b694d8ce0ebaafd259480d6b530a /engine/lib/sessions.php
parent: c80ba5aa03264dd64c20ed8ae222e87f9371a44d (diff)
parent: 2b68a4d217c35a5587c462620789493cf2804ba2 (diff)
download: elgg-ec7b94a64aef23b85866ecdac8e8acc712d29bb6.tar.gz
elgg-ec7b94a64aef23b85866ecdac8e8acc712d29bb6.tar.bz2
1 files changed, 7 insertions, 2 deletions
diff --git a/engine/lib/sessions.php b/engine/lib/sessions.php
index ae42956a9..407bb69c5 100644
--- a/engine/lib/sessions.php
+++ b/engine/lib/sessions.php
@@ -472,7 +472,10 @@ function gatekeeper() {
 	if (!elgg_is_logged_in()) {
 		$_SESSION['last_forward_from'] = current_page_url();
 		register_error(elgg_echo('loggedinrequired'));
-		forward('', 'login');
+
+		if (!forward('', 'login')) {
+			throw new SecurityException(elgg_echo('SecurityException:UnexpectedOutputInGatekeeper'));
+		}
 	}
 }
 
@@ -487,7 +490,9 @@ function admin_gatekeeper() {
 	if (!elgg_is_admin_logged_in()) {
 		$_SESSION['last_forward_from'] = current_page_url();
 		register_error(elgg_echo('adminrequired'));
-		forward('', 'admin');
+		if (!forward('', 'admin')) {
+			throw new SecurityException(elgg_echo('SecurityException:UnexpectedOutputInGatekeeper'));
+		}
 	}
 }
author	Brett Profitt <brett.profitt@gmail.com>	2011-06-18 19:56:33 -0400
committer	Brett Profitt <brett.profitt@gmail.com>	2011-06-18 19:56:33 -0400
commit	ec7b94a64aef23b85866ecdac8e8acc712d29bb6 (patch)
tree	a108205c3fa0b694d8ce0ebaafd259480d6b530a /engine/lib/sessions.php
parent	c80ba5aa03264dd64c20ed8ae222e87f9371a44d (diff)
parent	2b68a4d217c35a5587c462620789493cf2804ba2 (diff)
download	elgg-ec7b94a64aef23b85866ecdac8e8acc712d29bb6.tar.gz elgg-ec7b94a64aef23b85866ecdac8e8acc712d29bb6.tar.bz2