aboutsummaryrefslogtreecommitdiff
path: root/mod/bookmarks
diff options
context:
space:
mode:
authorbrettp <brettp@36083f99-b078-4883-b0ff-0f9b5a30f544>2011-02-21 00:38:27 +0000
committerbrettp <brettp@36083f99-b078-4883-b0ff-0f9b5a30f544>2011-02-21 00:38:27 +0000
commita3febfda7a1bc64ba247a241a2983643ae0b1b16 (patch)
treebccc25ce0dc7e06edd0f4f4a787133e66b6733da /mod/bookmarks
parent4afa50233029dad99d07a2c3e408bf68bbb4fb4e (diff)
downloadelgg-a3febfda7a1bc64ba247a241a2983643ae0b1b16.tar.gz
elgg-a3febfda7a1bc64ba247a241a2983643ae0b1b16.tar.bz2
Fixes #2719. Removing hack from bookmarks add. Now appends http:// to www.example.com and validates that.
git-svn-id: http://code.elgg.org/elgg/trunk@8378 36083f99-b078-4883-b0ff-0f9b5a30f544
Diffstat (limited to 'mod/bookmarks')
-rw-r--r--mod/bookmarks/actions/bookmarks/save.php15
1 files changed, 4 insertions, 11 deletions
diff --git a/mod/bookmarks/actions/bookmarks/save.php b/mod/bookmarks/actions/bookmarks/save.php
index 02280838d..2f4f7b685 100644
--- a/mod/bookmarks/actions/bookmarks/save.php
+++ b/mod/bookmarks/actions/bookmarks/save.php
@@ -18,17 +18,10 @@ $container_guid = get_input('container_guid', elgg_get_logged_in_user_guid());
elgg_make_sticky_form('bookmarks');
-$normalized = elgg_normalize_url($address);
-
-// slight hack. If the original link wasn't to this site, they probably didn't mean to post
-// a relative link. deny the action.
-$site_url = elgg_get_site_entity()->url;
-$test = str_replace($site_url, '', $normalized);
-
-if (trim($address, '/') == trim($test, '/')) {
- $address = '';
-} else {
- $address = $normalized;
+// don't use elgg_normalize_url() because we don't want
+// relative links resolved to this site.
+if ($address && !preg_match("#^((ht|f)tps?:)?//#i", $address)) {
+ $address = "http://$address";
}
if (!$title || !$address || !filter_var($address, FILTER_VALIDATE_URL)) {
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-23 13:47:00 +0000