From 22f8de74875e5351fd7711f3b7b2b430c98f1c05 Mon Sep 17 00:00:00 2001
From: brettp <brettp@36083f99-b078-4883-b0ff-0f9b5a30f544>
Date: Tue, 7 Jun 2011 22:58:46 +0000
Subject: Refs #3510, #3418. Merged fix for forwarding after output to trunk.

git-svn-id: http://code.elgg.org/elgg/trunk@9141 36083f99-b078-4883-b0ff-0f9b5a30f544
---
 engine/lib/group.php    | 5 +++--
 engine/lib/sessions.php | 9 +++++++--
 2 files changed, 10 insertions(+), 4 deletions(-)

(limited to 'engine/lib')

diff --git a/engine/lib/group.php b/engine/lib/group.php
index d78274961..755482b00 100644
--- a/engine/lib/group.php
+++ b/engine/lib/group.php
@@ -276,8 +276,9 @@ function group_gatekeeper($forward = true) {
 
 	if ($forward && $allowed == false) {
 		register_error(elgg_echo('membershiprequired'));
-		forward($url, 'member');
-		exit;
+		if (!forward($url, 'member')) {
+			throw new SecurityException(elgg_echo('SecurityException:UnexpectedOutputInGatekeeper'));
+		}
 	}
 
 	return $allowed;
diff --git a/engine/lib/sessions.php b/engine/lib/sessions.php
index ae42956a9..407bb69c5 100644
--- a/engine/lib/sessions.php
+++ b/engine/lib/sessions.php
@@ -472,7 +472,10 @@ function gatekeeper() {
 	if (!elgg_is_logged_in()) {
 		$_SESSION['last_forward_from'] = current_page_url();
 		register_error(elgg_echo('loggedinrequired'));
-		forward('', 'login');
+
+		if (!forward('', 'login')) {
+			throw new SecurityException(elgg_echo('SecurityException:UnexpectedOutputInGatekeeper'));
+		}
 	}
 }
 
@@ -487,7 +490,9 @@ function admin_gatekeeper() {
 	if (!elgg_is_admin_logged_in()) {
 		$_SESSION['last_forward_from'] = current_page_url();
 		register_error(elgg_echo('adminrequired'));
-		forward('', 'admin');
+		if (!forward('', 'admin')) {
+			throw new SecurityException(elgg_echo('SecurityException:UnexpectedOutputInGatekeeper'));
+		}
 	}
 }
 
-- 
cgit v1.2.3