Tried to redirect to potentially insecure url

HAMMER663 · by **HAMMER663** » Mon Oct 22, 2012 11:30 am

I come to this topic, scroll down and to the right of the Quick: topic lock \ unlock
Close the topic and here's the error pops up. The link takes the form

Code: Select all: /mcp.php?f=352&t=148141&start=135&quickmod=1&redirect=.%2Fviewtopic.php%3Ff%3D352%26t%3D148141%26amp%3Bstart%3D135&confirm_key=4M86Z6MV2K

php version 5.2.6.

Code: Select all: GENERAL ERROR Tried to redirect to potentially insecure url. BACKTRACE FILE: (not given by php) LINE: (not given by php) CALL: msg_handler() FILE: [ROOT]/includes/functions.php LINE: 2584 CALL: trigger_error() FILE: [ROOT]/includes/functions.php LINE: 2744 CALL: redirect() FILE: [ROOT]/includes/mcp/mcp_main.php LINE: 277 CALL: meta_refresh() FILE: [ROOT]/includes/mcp/mcp_main.php LINE: 52 CALL: lock_unlock() FILE: [ROOT]/includes/functions_module.php LINE: 507 CALL: mcp_main->main() FILE: [ROOT]/includes/functions_module.php LINE: 802 CALL: p_master->load_active() FILE: [ROOT]/mcp.php LINE: 169 CALL: p_master->load()

FILE: [ROOT]/includes/functions.php
LINE: 2584

Code: Select all: // Make sure no linebreaks are there... to prevent http response splitting for PHP < 4.4.2 if (strpos(urldecode($url), "\n") !== false || strpos(urldecode($url), "\r") !== false || strpos($url, ';') !== false) { * trigger_error('Tried to redirect to potentially insecure url.', E_USER_ERROR); }

FILE: [ROOT]/includes/functions.php
LINE: 2744

Code: Select all: function meta_refresh($time, $url, $disable_cd_check = false) { global $template; * $url = redirect($url, true, $disable_cd_check); $url = str_replace('&', '&', $url);

FILE: [ROOT]/includes/mcp/mcp_main.php
LINE: 277

Code: Select all: if (!$success_msg) { redirect($redirect); } else { * meta_refresh(2, $redirect); trigger_error($user->lang[$success_msg] . '<br /><br />' . sprintf($user->lang['RETURN_PAGE'], '<a href="' . $redirect . '">', '</a>')); }

FILE: [ROOT]/includes/mcp/mcp_main.php
LINE: 52

Code: Select all: case 'unlock': $topic_ids = (!$quickmod) ? request_var('topic_id_list', array(0)) : array(request_var('t', 0)); if (!sizeof($topic_ids)) { trigger_error('NO_TOPIC_SELECTED'); } * lock_unlock($action, $topic_ids); break;

FILE: [ROOT]/includes/functions_module.php
LINE: 507

Code: Select all: // Execute the main method for the new instance, we send the module id and mode as parameters // Users are able to call the main method after this function to be able to assign additional parameters manually if ($execute_module) { * $this->module->main($this->p_name, $this->p_mode); }

FILE: [ROOT]/includes/functions_module.php
LINE: 802

Code: Select all: function load($class, $name, $mode = false) { $this->p_class = $class; $this->p_name = $name; // Set active module to true instead of using the id $this->active_module = true; * $this->load_active($mode); }

FILE: [ROOT]/mcp.php
LINE: 169

Code: Select all: case 'delete_topic': * $module->load('mcp', 'main', 'quickmod'); return; break;

Help me, please..

Tried to redirect to potentially insecure url

Tried to redirect to potentially insecure url

Advertisement

Who is online

Advertisement