diff options
author | Aaron Parecki <aaron@parecki.com> | 2014-05-30 08:09:41 -0700 |
---|---|---|
committer | Aaron Parecki <aaron@parecki.com> | 2014-05-30 08:09:41 -0700 |
commit | 9b040151e6ecc13a02c46384834cb238b7efbd37 (patch) | |
tree | 441da13bad42003efe6d3cbbec957a806e25a54f /controllers/auth.php | |
parent | 1069afaaa149f88a2cf9d5165203216a94507d95 (diff) |
check for empty "me" parameter
Diffstat (limited to 'controllers/auth.php')
-rw-r--r-- | controllers/auth.php | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/controllers/auth.php b/controllers/auth.php index 7caddd3..abbe3b9 100644 --- a/controllers/auth.php +++ b/controllers/auth.php @@ -27,6 +27,9 @@ function build_url($parsed_url) { function normalizeMeURL($url) { $me = parse_url($url); + if(array_key_exists('path', $me) && $me['path'] == '') + return false; + // parse_url returns just "path" for naked domains if(count($me) == 1 && array_key_exists('path', $me)) { $me['host'] = $me['path']; @@ -79,7 +82,7 @@ $app->get('/auth/start', function() use($app) { $html = render('auth_error', array( 'title' => 'Sign In', 'error' => 'Invalid "me" Parameter', - 'errorDescription' => 'The ID you entered, <strong>' . $params['me'] . '</strong> is not valid.' + 'errorDescription' => 'The URL you entered, "<strong>' . $params['me'] . '</strong>" is not valid.' )); $app->response()->body($html); return; |