summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAaron Parecki <aaron@parecki.com>2014-05-30 08:09:41 -0700
committerAaron Parecki <aaron@parecki.com>2014-05-30 08:09:41 -0700
commit9b040151e6ecc13a02c46384834cb238b7efbd37 (patch)
tree441da13bad42003efe6d3cbbec957a806e25a54f
parent1069afaaa149f88a2cf9d5165203216a94507d95 (diff)
check for empty "me" parameter
-rw-r--r--controllers/auth.php5
-rw-r--r--views/auth_error.php2
2 files changed, 5 insertions, 2 deletions
diff --git a/controllers/auth.php b/controllers/auth.php
index 7caddd3..abbe3b9 100644
--- a/controllers/auth.php
+++ b/controllers/auth.php
@@ -27,6 +27,9 @@ function build_url($parsed_url) {
function normalizeMeURL($url) {
$me = parse_url($url);
+ if(array_key_exists('path', $me) && $me['path'] == '')
+ return false;
+
// parse_url returns just "path" for naked domains
if(count($me) == 1 && array_key_exists('path', $me)) {
$me['host'] = $me['path'];
@@ -79,7 +82,7 @@ $app->get('/auth/start', function() use($app) {
$html = render('auth_error', array(
'title' => 'Sign In',
'error' => 'Invalid "me" Parameter',
- 'errorDescription' => 'The ID you entered, <strong>' . $params['me'] . '</strong> is not valid.'
+ 'errorDescription' => 'The URL you entered, "<strong>' . $params['me'] . '</strong>" is not valid.'
));
$app->response()->body($html);
return;
diff --git a/views/auth_error.php b/views/auth_error.php
index 58728b5..b1db246 100644
--- a/views/auth_error.php
+++ b/views/auth_error.php
@@ -5,4 +5,4 @@
<p><?= $this->errorDescription ?></p>
-<?div> \ No newline at end of file
+</div> \ No newline at end of file