From 70ed990ed29e49f6dc52512c32ad50efd28e57bc Mon Sep 17 00:00:00 2001
From: skodak <skodak>
Date: Sun, 14 May 2006 21:21:35 +0000
Subject: [PATCH] fixed secure forms handling when POST url contained GET
 parameters (cookieless mode and some other forms); merged from
 MOODLE_16_STABLE

---
 lib/weblib.php | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/lib/weblib.php b/lib/weblib.php
index 11bef1a194..16231e780f 100644
--- a/lib/weblib.php
+++ b/lib/weblib.php
@@ -284,6 +284,11 @@ function match_referer($goodreferer = '') {
 
     if (empty($goodreferer)) {
         $goodreferer = qualified_me();
+        // try to remove everything after ? because POST url may contain GET parameters (SID rewrite, etc.)
+	    $pos = strpos($goodreferer, '?');
+        if ($pos !== FALSE) {
+            $goodreferer = substr($goodreferer, 0, $pos);
+        }
     }
 
     $referer = get_referer();
-- 
2.39.5