hi,

I've got a PHPBB 3.06 with the board 3 portal installed.

I've installed the latest Advanced SEO mod.

Everything was working fine until this morning, I installed the Zero Duplicate mod.

Now whenever I access the index.php page I get the following error.

Tried to redirect to potentially insecure url.{./index.php?}

I've modified setup_phpbb_seo.php so it shows the URL where its trying to direct to.

I'm running Apache at home with mod_rewrite installed and output buffering on.

A 503 header is being returned with the error.

Attempting to view a topic or forum produces the same error.

Tried to redirect to potentially insecure url.{./viewtopic.php?f=60&t=595&start=0}

The forums is installed into the following path, http://127.0.0.1/forums

Here is my .htaccess file.

Code: Select all

<Files "config.php">
Order Allow,Deny
Deny from All
</Files>

<Files "common.php">
Order Allow,Deny
Deny from All
</Files>

DirectoryIndex portal.php index.php index.html index.htm

# You may need to un-comment the following lines
Options +FollowSymlinks
# To make sure that rewritten dir or file (/|.html) will not load dir.php in case it exist
Options -MultiViews
# REMEBER YOU ONLY NEED TO STARD MOD REWRITE ONCE
RewriteEngine On
# REWRITE BASE
RewriteBase /
# HERE IS A GOOD PLACE TO FORCE CANONICAL DOMAIN
# RewriteCond %{HTTP_HOST} !^127\.0\.0\.1/forums$ [NC]
# RewriteRule ^(.*)$ http://127.0.0.1/forums/$1 [QSA,L,R=301]

# DO NOT GO FURTHER IF THE REQUESTED FILE / DIR DOES EXISTS
RewriteCond %{REQUEST_FILENAME} -f
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule . - [L]
#####################################################
# PHPBB SEO REWRITE RULES ALL MODES
#####################################################
# AUTHOR : dcz www.phpbb-seo.com
# STARTED : 01/2006
#################################
# FORUMS PAGES
###############
# FORUM INDEX
RewriteRule ^index\.php$ /forums/index.php [QSA,L,NC]
# FORUM ALL MODES
RewriteRule ^(forum|[a-z0-9_-]*-f)([0-9]+)/?(page([0-9]+)\.html)?$ /forums/viewforum.php?f=$2&start=$4 [QSA,L,NC]
# TOPIC WITH VIRTUAL FOLDER ALL MODES
RewriteRule ^(forum|[a-z0-9_-]*-f)([0-9]+)/(topic|[a-z0-9_-]*-t)([0-9]+)(-([0-9]+))?\.html$ /forums/viewtopic.php?f=$2&t=$4&start=$6 [QSA,L,NC]
# GLOBAL ANNOUNCES WITH VIRTUAL FOLDER ALL MODES
RewriteRule ^announces/(topic|[a-z0-9_-]*-t)([0-9]+)(-([0-9]+))?\.html$ /forums/viewtopic.php?t=$2&start=$4 [QSA,L,NC]
# TOPIC WITHOUT FORUM ID & DELIM ALL MODES
RewriteRule ^([a-z0-9_-]*)/?(topic|[a-z0-9_-]*-t)([0-9]+)(-([0-9]+))?\.html$ /forums/viewtopic.php?forum_uri=$1&t=$3&start=$5 [QSA,L,NC]
# PHPBB FILES ALL MODES
RewriteRule ^resources/[a-z0-9_-]+/(thumb/)?([0-9]+)$ /forums/download/file.php?id=$2&t=$1 [QSA,L,NC]
# PROFILES ALL MODES WITH ID
RewriteRule ^(member|[a-z0-9_-]*-u)([0-9]+)\.html$ /forums/memberlist.php?mode=viewprofile&u=$2 [QSA,L,NC]
# USER MESSAGES ALL MODES WITH ID
RewriteRule ^(member|[a-z0-9_-]*-u)([0-9]+)-(topics|posts)(-([0-9]+))?\.html$ /forums/search.php?author_id=$2&sr=$3&start=$5 [QSA,L,NC]
# GROUPS ALL MODES
RewriteRule ^(group|[a-z0-9_-]*-g)([0-9]+)(-([0-9]+))?\.html$ /forums/memberlist.php?mode=group&g=$2&start=$4 [QSA,L,NC]
# POST
RewriteRule ^post([0-9]+)\.html$ /forums/viewtopic.php?p=$1 [QSA,L,NC]
# ACTIVE TOPICS
RewriteRule ^active-topics(-([0-9]+))?\.html$ /forums/search.php?search_id=active_topics&start=$2&sr=topics [QSA,L,NC]
# UNANSWERED TOPICS
RewriteRule ^unanswered(-([0-9]+))?\.html$ /forums/search.php?search_id=unanswered&start=$2&sr=topics [QSA,L,NC]
# NEW POSTS
RewriteRule ^newposts(-([0-9]+))?\.html$ /forums/search.php?search_id=newposts&start=$2&sr=topics [QSA,L,NC]
# THE TEAM
RewriteRule ^the-team\.html$ /forums/memberlist.php?mode=leaders [QSA,L,NC]
# HERE IS A GOOD PLACE TO ADD OTHER PHPBB RELATED REWRITERULES

# FORUM WITHOUT ID & DELIM ALL MODES (SAME DELIM)
# THESE THREE LINES MUST BE LOCATED AT THE END OF YOUR HTACCESS TO WORK PROPERLY
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^([a-z0-9_-]+)/?(page([0-9]+)\.html)?$ /forums/viewforum.php?forum_uri=$1&start=$3 [QSA,L,NC]
# FIX RELATIVE PATHS : FILES
RewriteRule ^.+/(style\.php|ucp\.php|mcp\.php|faq\.php|download/file.php)$ /forums/$1 [QSA,L,NC,R=301]
# FIX RELATIVE PATHS : IMAGES
RewriteRule ^.+/(styles/.*|images/.*)/$ /forums/$1 [QSA,L,NC,R=301]
# END PHPBB PAGES
#####################################################

When I de-activate the Zero Duplicate mod in the ACP, everything works fine again.

I've tried to get the seo_redirect function to work with no success, its pointing to the right URL with my modifications but for some reason it won't re-direct.

Code: Select all

function seo_redirect($url, $header = '301 Moved Permanently', $code = 301, $replace = true) {
      global $db;
      if (!$this->seo_opt['zero_dupe']['on'] || @headers_sent()) {
         return false;
      }
      garbage_collection();
      $url = str_replace('&', '&', $url);
      // Behave as redirect() for checks to provide with the same level of protection
      // Make sure no linebreaks are there... to prevent http response splitting for PHP < 4.4.2
      $url = substr($url, 2);
      $url = "http://127.0.0.1/forums/" . $url;
      
      if (strpos(urldecode($url), "\n") !== false || strpos(urldecode($url), "\r") !== false || strpos($url, ';') !== false) {
         //trigger_error('Tried to redirect to potentially insecure url.', E_USER_ERROR);
         trigger_error('Tried to redirect to potentially insecure url.{' . $url . '}', E_USER_ERROR);
      }
      // Now, also check the protocol and for a valid url the last time...
      $allowed_protocols = array('http', 'https'/*, 'ftp', 'ftps'*/);
      $url_parts = parse_url($url);
      if ($url_parts === false || empty($url_parts['scheme']) || !in_array($url_parts['scheme'], $allowed_protocols)) {
         //trigger_error('Tried to redirect to potentially insecure url.', E_USER_ERROR);
         trigger_error('Tried to redirect to potentially insecure url.{' . $url . '}', E_USER_ERROR);
      }
      $http = 'HTTP/1.1 ';
      header($http . $header, $replace, $code);
      header('Location: ' . $url);
      exit_handler();
   }

I'm well out of my depth here, I wish somebody would help.

EDIT: I've tested a basic 301 redirect and it seemed to work fine.

I'm willing to bet you missed a few edits when you installed the zero dupe or the Ultimate SEO URL in Advanced mode.

You shouldn't have to be digging in the code and making edits.

I think you should also move this line..

Code: Select all

DirectoryIndex portal.php index.php index.html index.htm

to the bottom of your .htaccess file.

It looks like the zero duplicate is trying to redirect to unrewritten urls and this should not happen since the zero duplicate should be turned off automatically when url rewriting is not activated.

The message you get seems due to ";" characters from the "&", which again should not be there with rewritten urls.

So make sure you did not accidentally remove or altered some part of the original code that would cause this behaviour.

++

Ok I scrapped the last one and decided to use the seo premod this time.

With the board3 portal installed and Zero Dupe activated I'm still getting an error when accessing portal.php

Code: Select all

Tried to redirect to potentially insecure url.

I'm using mixed URL re-writing with the following in my setup_phpbb_seo.php file

Code: Select all

$this->seo_static['index'] = 'index';
$this->seo_ext['index'] = '.php';


With Zero dupe de-activated the problem disappears and I'm able to access the portal again. Would really appreciate some help on this.

I'm using PHPBB 3.07 and mostly everything is up to date.

Thanks.

Well I fixed the problem, I'm not sure if its the right way to do it or not. Hopefully someone will come along to clarify...

I modifed the seo_redirect function in setup_phpbb_seo.php in the phpbb_seo/includes folder.

I added the if ($url != "./portal.php") { condition to the top so it will not redirect if the portal URL is passed.

Code: Select all

   function seo_redirect($url, $header = '301 Moved Permanently', $code = 301, $replace = true) {
      if ($url != "./portal.php") {
      global $db;
      if (!$this->seo_opt['zero_dupe']['on'] || @headers_sent()) {
         return false;
      }
      garbage_collection();
      $url = str_replace('&', '&', $url);
      // Behave as redirect() for checks to provide with the same level of protection
      // Make sure no linebreaks are there... to prevent http response splitting for PHP < 4.4.2
      if (strpos(urldecode($url), "\n") !== false || strpos(urldecode($url), "\r") !== false || strpos($url, ';') !== false) {
         trigger_error('Tried to redirect to potentially insecure url.', E_USER_ERROR);
      }
      // Now, also check the protocol and for a valid url the last time...
      $allowed_protocols = array('http', 'https'/*, 'ftp', 'ftps'*/);
      $url_parts = parse_url($url);
      if ($url_parts === false || empty($url_parts['scheme']) || !in_array($url_parts['scheme'], $allowed_protocols)) {
         trigger_error('Tried to redirect to potentially insecure url.', E_USER_ERROR);
      }
      $http = 'HTTP/1.1 ';
      header($http . $header, $replace, $code);
      header('Location: ' . $url);
      exit_handler();
      }
   }