[Typo3-dev] security suggestion for tipafriend ext
Thorsten Kahler
thorsten.kahler at dkd.de
Wed Jun 9 08:55:55 CEST 2004
Chi Hoang wrote:
> Thorsten Kahler wrote:
>>If so, IMHO it's also possible to use the jumpUrl feature.
>>(appending some variable to the tiplink and redirect if variable is
>>set)
>
>
> Could you explain some more please? Looks interesting. Thanks!
You can set $GLOBALS['TSFE']->jumpurl to redirect to the value of
jumpurl. It's used _after_ page generation to send a header('Location:
somewhere') where appropriate.
So you can determine in main_tipafriend() if $this->piVars['something']
is set. If it's set you can write some values to the fe_user session
(which is not possible if you use header('Location: somewhere') in you
extension code!) and set the jumpurl value to "somewhere".
Regards,
Thorsten
More information about the TYPO3-dev
mailing list