From: moodler <moodler>
Date: Thu, 23 Jan 2003 02:50:38 +0000 (+0000)
Subject: Some robustness fixes
X-Git-Url: http://git.mjollnir.org/gw?a=commitdiff_plain;h=48d38fad63633029c812f5cc6ecc18a20595285a;p=moodle.git

Some robustness fixes
---

diff --git a/mod/forum/lib.php b/mod/forum/lib.php
index 89a3394fee..34ef8d66df 100644
--- a/mod/forum/lib.php
+++ b/mod/forum/lib.php
@@ -1066,8 +1066,13 @@ function forum_set_return() {
     global $CFG, $SESSION;
 
     if (! isset($SESSION->fromdiscussion)) {
+        if (!empty($_SERVER['HTTP_REFERER'])) {
+            $referer = $_SERVER['HTTP_REFERER'];
+        } else {
+            $referer = "";
+        }
         // If the referer is NOT a login screen then save it.
-        if (! strncasecmp("$CFG->wwwroot/login", $_SERVER["HTTP_REFERER"], 300)) {
+        if (! strncasecmp("$CFG->wwwroot/login", $referer, 300)) {
             $SESSION->fromdiscussion = $_SERVER["HTTP_REFERER"];
             save_session("SESSION");
         }
diff --git a/mod/forum/post.php b/mod/forum/post.php
index 4edef6ef88..8ff68e4eab 100644
--- a/mod/forum/post.php
+++ b/mod/forum/post.php
@@ -10,6 +10,8 @@
         error(get_string("noguestpost", "forum"), $_SERVER["HTTP_REFERER"]);
     }
 
+    require_login();   // Script is useless unless they're logged in
+
     if ($post = data_submitted()) {
 
         $post->subject = strip_tags($post->subject);  // Strip all tags
@@ -21,8 +23,6 @@
             error(get_string("emptymessage", "forum"));
         }
 
-        require_login();
-
         if ($post->edit) {           // Updating a post
             $post->id = $post->edit;
             if (forum_update_post($post)) {