www: switch to absolute redirects #1168

289c349b · Franco Fichtner · 9b0ed8f8 · 289c349b · 289c349b · 289c349b
Commit 289c349b authored Sep 24, 2016 by Franco Fichtner
14 changed files
--- a/src/www/carp_status.php
+++ b/src/www/carp_status.php
@@ -76,7 +76,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
            }
        }
    }
-    header(url_safe('Location: carp_status.php?savemsg=%s', array($savemsg)));
+    header(url_safe('Location: /carp_status.php?savemsg=%s', array($savemsg)));
    exit;
 } elseif ($_SERVER['REQUEST_METHOD'] === 'GET') {
    if (!empty($_GET['savemsg'])) {

--- a/src/www/status_wireless.php
+++ b/src/www/status_wireless.php
@@ -45,7 +45,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') {
    $rwlif = escapeshellarg(get_real_interface($if));
    if(!empty($_POST['rescanwifi'])) {
        mwexecf_bg('/sbin/ifconfig %s scan', $rwlif);
-        header(url_safe('Location: status_wireless.php?if=%s&savemsg=rescan', $if));
+        header(url_safe('Location: /status_wireless.php?if=%s&savemsg=rescan', array($if)));
        exit;
    }
 }

--- a/src/www/system_usermanager.php
+++ b/src/www/system_usermanager.php
@@ -173,7 +173,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') {
            unset($a_user[$id]);
            write_config();
            $savemsg = sprintf(gettext('The user "%s" was successfully removed.'), $userdeleted);
-            header(url_safe('Location: system_usermanager.php?savemsg=%s', $savemsg));
+            header(url_safe('Location: /system_usermanager.php?savemsg=%s', array($savemsg)));
            exit;
        }
    } elseif ($act == "delcert" && isset($id)) {
@@ -183,7 +183,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') {
        unset($a_user[$id]['cert'][$pconfig['certid']]);
        write_config();
        $savemsg = sprintf(gettext('The certificate association "%s" was successfully removed.'), $certdeleted);
-        header(url_safe('Location: system_usermanager.php?savemsg=%s&act=edit&userid=%s', array($savemsg, $id)));
+        header(url_safe('Location: /system_usermanager.php?savemsg=%s&act=edit&userid=%s', array($savemsg, $id)));
        exit;
    } elseif ($act == "newApiKey" && isset($id)) {
        // every action is using the sequence of the user, to keep it understandable, we will use
@@ -209,7 +209,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') {
            $savemsg = gettext('No API key found');
        }
        // redirect
-        header(url_safe('Location: system_usermanager.php?savemsg=%s&act=edit&userid=%s', array($savemsg, $id)));
+        header(url_safe('Location: /system_usermanager.php?savemsg=%s&act=edit&userid=%s', array($savemsg, $id)));
        exit;
    } elseif (isset($pconfig['save'])) {
        // save user
@@ -351,17 +351,17 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') {
            if (!empty($pconfig['chkNewCert'])) {
                // redirect to cert manager when a new cert is requested for this user
-                header(url_safe('Location: system_certmanager.php?act=new&userid=%s', count($a_user) - 1));
+                header(url_safe('Location: /system_certmanager.php?act=new&userid=%s', array(count($a_user) - 1)));
            } else {
-                header(url_safe('Location: system_usermanager.php'));
+                header(url_safe('Location: /system_usermanager.php'));
                exit;
            }
        }
    } elseif (isset($id)) {
-        header(url_safe('Location: system_usermanager.php?userid=%s', $id));
+        header(url_safe('Location: /system_usermanager.php?userid=%s', array($id)));
        exit;
    } else {
-        header(url_safe('Location: system_usermanager.php'));
+        header(url_safe('Location: /system_usermanager.php'));
        exit;
    }
 }

--- a/src/www/system_usermanager_addprivs.php
+++ b/src/www/system_usermanager_addprivs.php
@@ -52,7 +52,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') {
        $input_type = "group";
        $id = $_GET['groupid'];
    } else {
-        header(url_safe('Location: system_usermanager.php'));
+        header(url_safe('Location: /system_usermanager.php'));
        exit;
    }
    if ($input_type == "group") {
@@ -80,7 +80,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') {
            $retval = write_config();
            $savemsg = get_std_save_message();
-            header(url_safe('Location: system_usermanager.php?act=edit&userid=%s&savemsg=%s', array($userid, $savemsg)));
+            header(url_safe('Location: /system_usermanager.php?act=edit&userid=%s&savemsg=%s', array($userid, $savemsg)));
            exit;
        } elseif ($_POST['input_type'] == 'group' && isset($config['system']['group'][$pconfig['id']]['name'])) {
            $groupid = $_POST['id'];
@@ -101,11 +101,11 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') {
            }
            write_config();
-            header(url_safe('Location: system_groupmanager.php?act=edit&groupid=%s', $groupid));
+            header(url_safe('Location: /system_groupmanager.php?act=edit&groupid=%s', array($groupid)));
            exit;
        }
    }
-    header(url_safe('Location: system_usermanager.php'));
+    header(url_safe('Location: /system_usermanager.php'));
    exit;
 }

--- a/src/www/vpn_ipsec.php
+++ b/src/www/vpn_ipsec.php
@@ -92,7 +92,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
        ipsec_configure();
        filter_configure();
        clear_subsystem_dirty('ipsec');
-        header(url_safe('Location: vpn_ipsec.php'));
+        header(url_safe('Location: /vpn_ipsec.php'));
        exit;
    } elseif (!empty($_POST['act']) && $_POST['act'] == "delphase1" ) {
        $del_items = array();
@@ -119,7 +119,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
        write_config();
        mark_subsystem_dirty('ipsec');
-        header(url_safe('Location: vpn_ipsec.php'));
+        header(url_safe('Location: /vpn_ipsec.php'));
        exit;
    } elseif (!empty($_POST['act']) && $_POST['act'] == "delphase2" ) {
        if (isset($_POST['id']) && isset($config['ipsec']['phase2'][$_POST['id']])){
@@ -131,7 +131,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
        }
        write_config();
        mark_subsystem_dirty('ipsec');
-        header(url_safe('Location: vpn_ipsec.php'));
+        header(url_safe('Location: /vpn_ipsec.php'));
        exit;
    } elseif (!empty($_POST['act']) && $_POST['act'] == "movep1" ) {
        // move phase 1 records
@@ -146,7 +146,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
        }
        write_config();
        mark_subsystem_dirty('ipsec');
-        header(url_safe('Location: vpn_ipsec.php'));
+        header(url_safe('Location: /vpn_ipsec.php'));
        exit;
    } elseif (!empty($_POST['act']) && $_POST['act'] == "movep2" ) {
        // move phase 2 records
@@ -161,7 +161,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
        }
        write_config();
        mark_subsystem_dirty('ipsec');
-        header(url_safe('Location: vpn_ipsec.php'));
+        header(url_safe('Location: /vpn_ipsec.php'));
        exit;
    } elseif (!empty($_POST['act']) && $_POST['act'] == "togglep1" && isset($a_phase1[$_POST['id']]) ) {
        // toggle phase 1 record
@@ -172,7 +172,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
        }
        write_config();
        mark_subsystem_dirty('ipsec');
-        header(url_safe('Location: vpn_ipsec.php'));
+        header(url_safe('Location: /vpn_ipsec.php'));
        exit;
    } elseif (!empty($_POST['act']) && $_POST['act'] == "togglep2" && isset($a_phase2[$_POST['id']]) ) {
        // toggle phase 2 record
@@ -183,7 +183,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
        }
        write_config();
        mark_subsystem_dirty('ipsec');
-        header(url_safe('Location: vpn_ipsec.php'));
+        header(url_safe('Location: /vpn_ipsec.php'));
        exit;
    }
 }

--- a/src/www/vpn_ipsec_keys.php
+++ b/src/www/vpn_ipsec_keys.php
@@ -51,7 +51,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
            unset($config['ipsec']['mobilekey'][$_POST['id']]);
            write_config('Deleted pre-shared IPsec key');
            mark_subsystem_dirty('ipsec');
-            header(url_safe('Location: vpn_ipsec_keys.php'));
+            header(url_safe('Location: /vpn_ipsec_keys.php'));
            exit;
        }
    } elseif (isset($_POST['apply'])) {
@@ -62,7 +62,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
        clear_subsystem_dirty('ipsec');
    } else {
      // nothing to post, redirect
-        header(url_safe('Location: vpn_ipsec_keys.php'));
+        header(url_safe('Location: /vpn_ipsec_keys.php'));
        exit;
    }
 }

--- a/src/www/vpn_ipsec_keys_edit.php
+++ b/src/www/vpn_ipsec_keys_edit.php
@@ -111,7 +111,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') {
        write_config("{$config_write_text} IPsec Pre-Shared Keys");
        mark_subsystem_dirty('ipsec');
-        header(url_safe('Location: vpn_ipsec_keys.php'));
+        header(url_safe('Location: /vpn_ipsec_keys.php'));
        exit;
    }
 }

--- a/src/www/vpn_ipsec_mobile.php
+++ b/src/www/vpn_ipsec_mobile.php
@@ -85,14 +85,14 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') {
    $pconfig = $_POST;
    if (isset($_POST['create'])) {
        // create new phase1 entry
-        header(url_safe('Location: vpn_ipsec_phase1.php?mobile=true'));
+        header(url_safe('Location: /vpn_ipsec_phase1.php?mobile=true'));
        exit;
    } elseif (isset($_POST['apply'])) {
        // apply changes
        ipsec_configure();
        $savemsg = get_std_save_message();
        clear_subsystem_dirty('ipsec');
-        header(url_safe('Location: vpn_ipsec_mobile.php?savemsg=%s', $savemsg));
+        header(url_safe('Location: /vpn_ipsec_mobile.php?savemsg=%s', array($savemsg)));
        exit;
    } elseif (isset($_POST['submit'])) {
        // save form changes
@@ -172,7 +172,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') {
            write_config();
            mark_subsystem_dirty('ipsec');
-            header(url_safe('Location: vpn_ipsec_mobile.php'));
+            header(url_safe('Location: /vpn_ipsec_mobile.php'));
            exit;
        }
    }

--- a/src/www/vpn_ipsec_phase1.php
+++ b/src/www/vpn_ipsec_phase1.php
@@ -397,7 +397,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') {
        write_config();
        mark_subsystem_dirty('ipsec');
-        header(url_safe('Location: vpn_ipsec.php'));
+        header(url_safe('Location: /vpn_ipsec.php'));
        exit;
    }
 }

--- a/src/www/vpn_ipsec_phase2.php
+++ b/src/www/vpn_ipsec_phase2.php
@@ -445,7 +445,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') {
        write_config();
        mark_subsystem_dirty('ipsec');
-        header(url_safe('Location: vpn_ipsec.php'));
+        header(url_safe('Location: /vpn_ipsec.php'));
        exit;
    }
 }

--- a/src/www/vpn_openvpn_client.php
+++ b/src/www/vpn_openvpn_client.php
@@ -137,7 +137,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') {
            unset($a_client[$id]);
            write_config();
        }
-        header(url_safe('Location: vpn_openvpn_client.php'));
+        header(url_safe('Location: /vpn_openvpn_client.php'));
        exit;
    } elseif ($act == "del_x") {
        if (!empty($pconfig['rule']) && is_array($pconfig['rule'])) {
@@ -149,7 +149,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') {
            }
            write_config();
        }
-        header(url_safe('Location: vpn_openvpn_client.php'));
+        header(url_safe('Location: /vpn_openvpn_client.php'));
        exit;
    } elseif ($act == "move"){
      // move selected items
@@ -159,7 +159,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') {
      }
      $a_client = legacy_move_config_list_items($a_client, $id,  $pconfig['rule']);
      write_config();
-      header(url_safe('Location: vpn_openvpn_client.php'));
+      header(url_safe('Location: /vpn_openvpn_client.php'));
      exit;
    } elseif ($act == "toggle") {
        if (isset($id)) {
@@ -171,7 +171,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') {
            openvpn_resync('client', $a_client[$id]);
            write_config();
        }
-        header(url_safe('Location: vpn_openvpn_client.php'));
+        header(url_safe('Location: /vpn_openvpn_client.php'));
        exit;
    } else {
        // update client (after validation)
@@ -339,7 +339,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') {
            openvpn_resync('client', $client);
            write_config();
-            header(url_safe('Location: vpn_openvpn_client.php'));
+            header(url_safe('Location: /vpn_openvpn_client.php'));
            exit;
        }
    }

--- a/src/www/vpn_openvpn_csc.php
+++ b/src/www/vpn_openvpn_csc.php
@@ -90,7 +90,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') {
            unset($a_csc[$id]);
            write_config();
        }
-        header(url_safe('Location: vpn_openvpn_csc.php'));
+        header(url_safe('Location: /vpn_openvpn_csc.php'));
        exit;
    } elseif ($act == "del_x") {
        if (!empty($pconfig['rule']) && is_array($pconfig['rule'])) {
@@ -102,7 +102,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') {
            }
            write_config();
        }
-        header(url_safe('Location: vpn_openvpn_csc.php'));
+        header(url_safe('Location: /vpn_openvpn_csc.php'));
        exit;
    } elseif ($act == "move"){
      // move selected items
@@ -112,7 +112,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') {
      }
      $a_csc = legacy_move_config_list_items($a_csc, $id,  $pconfig['rule']);
      write_config();
-      header(url_safe('Location: vpn_openvpn_csc.php'));
+      header(url_safe('Location: /vpn_openvpn_csc.php'));
      exit;
    } elseif ($act == "toggle") {
        if (isset($id)) {
@@ -124,7 +124,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') {
            write_config();
            openvpn_resync_csc();
        }
-        header(url_safe('Location: vpn_openvpn_csc.php'));
+        header(url_safe('Location: /vpn_openvpn_csc.php'));
        exit;
    } else {
        /* perform validations */
@@ -225,7 +225,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') {
            write_config();
            openvpn_resync_csc();
-            header(url_safe('Location: vpn_openvpn_csc.php'));
+            header(url_safe('Location: /vpn_openvpn_csc.php'));
            exit;
        }
    }

--- a/src/www/vpn_openvpn_export.php
+++ b/src/www/vpn_openvpn_export.php
@@ -112,7 +112,7 @@ if (isset($config['openvpn']['openvpn-server'])) {
        $usrid = isset($_GET['usrid']) ? $_GET['usrid'] : false;
        $crtid = isset($_GET['crtid']) ? $_GET['crtid'] : false;
        if ($srvid === false) {
-            header(url_safe('Location: vpn_openvpn_export.php'));
+            header(url_safe('Location: /vpn_openvpn_export.php'));
            exit;
        }

--- a/src/www/vpn_openvpn_server.php
+++ b/src/www/vpn_openvpn_server.php
@@ -141,7 +141,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') {
            unset($a_server[$id]);
            write_config();
        }
-        header(url_safe('Location: vpn_openvpn_server.php'));
+        header(url_safe('Location: /vpn_openvpn_server.php'));
        exit;
    } elseif ($act == "toggle") {
        if (isset($id)) {
@@ -153,7 +153,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') {
            openvpn_resync('server', $a_server[$id]);
            write_config();
        }
-        header(url_safe('Location: vpn_openvpn_server.php'));
+        header(url_safe('Location: /vpn_openvpn_server.php'));
        exit;
    } else {
        // action add/update
@@ -406,7 +406,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') {
            write_config();
            openvpn_resync_csc(); // dump client specific overrides, the required set may have changed
-            header(url_safe('Location: vpn_openvpn_server.php'));
+            header(url_safe('Location: /vpn_openvpn_server.php'));
            exit;
        } elseif (!empty($pconfig['authmode'])) {
            $pconfig['authmode'] = implode(",", $pconfig['authmode']);