aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--engine/lib/elgglib.php4
-rw-r--r--engine/lib/group.php4
-rw-r--r--engine/lib/sessions.php9
-rw-r--r--languages/en.php2
4 files changed, 6 insertions, 13 deletions
diff --git a/engine/lib/elgglib.php b/engine/lib/elgglib.php
index 198ffe60c..8358b08ab 100644
--- a/engine/lib/elgglib.php
+++ b/engine/lib/elgglib.php
@@ -143,9 +143,9 @@ function forward($location = "", $reason = 'system') {
} else if ($location === '') {
exit;
}
+ } else {
+ throw new SecurityException(elgg_echo('SecurityException:ForwardFailedToRedirect'));
}
-
- return false;
}
/**
diff --git a/engine/lib/group.php b/engine/lib/group.php
index e7b70fd10..7fa188cd6 100644
--- a/engine/lib/group.php
+++ b/engine/lib/group.php
@@ -276,9 +276,7 @@ function group_gatekeeper($forward = true) {
if ($forward && $allowed == false) {
register_error(elgg_echo('membershiprequired'));
- if (!forward($url, 'member')) {
- throw new SecurityException(elgg_echo('SecurityException:UnexpectedOutputInGatekeeper'));
- }
+ forward($url, 'member');
}
return $allowed;
diff --git a/engine/lib/sessions.php b/engine/lib/sessions.php
index 407bb69c5..ae42956a9 100644
--- a/engine/lib/sessions.php
+++ b/engine/lib/sessions.php
@@ -472,10 +472,7 @@ function gatekeeper() {
if (!elgg_is_logged_in()) {
$_SESSION['last_forward_from'] = current_page_url();
register_error(elgg_echo('loggedinrequired'));
-
- if (!forward('', 'login')) {
- throw new SecurityException(elgg_echo('SecurityException:UnexpectedOutputInGatekeeper'));
- }
+ forward('', 'login');
}
}
@@ -490,9 +487,7 @@ function admin_gatekeeper() {
if (!elgg_is_admin_logged_in()) {
$_SESSION['last_forward_from'] = current_page_url();
register_error(elgg_echo('adminrequired'));
- if (!forward('', 'admin')) {
- throw new SecurityException(elgg_echo('SecurityException:UnexpectedOutputInGatekeeper'));
- }
+ forward('', 'admin');
}
}
diff --git a/languages/en.php b/languages/en.php
index 6c3c041cd..aabf91dfb 100644
--- a/languages/en.php
+++ b/languages/en.php
@@ -171,7 +171,7 @@ $english = array(
'ConfigurationException:NoSiteID' => "No site ID has been specified.",
'SecurityException:APIAccessDenied' => "Sorry, API access has been disabled by the administrator.",
'SecurityException:NoAuthMethods' => "No authentication methods were found that could authenticate this API request.",
- 'SecurityException:UnexpectedOutputInGatekeeper' => 'Unexpected output in gatekeeper call. Halting execution for security. Search http://docs.elgg.org/ for more information.',
+ 'SecurityException:ForwardFailedToRedirect' => 'Redirect could not be issued due to headers already being sent. Halting execution for security. Search http://docs.elgg.org/ for more information.',
'InvalidParameterException:APIMethodOrFunctionNotSet' => "Method or function not set in call in expose_method()",
'InvalidParameterException:APIParametersArrayStructure' => "Parameters array structure is incorrect for call to expose method '%s'",
'InvalidParameterException:UnrecognisedHttpMethod' => "Unrecognised http method %s for api method '%s'",