]> andersk Git - sql-web.git/blobdiff - index.php
andersk / sql-web.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Fix CSRF vulnerabilities
[sql-web.git] / index.php
diff --git a/index.php b/index.php
index e8474a6aa5a22460b2f9bf4819499dc460eb9d52..386d5f7a304c24285fdf52af752f68af03cc887a 100755 (executable)
--- a/index.php
+++ b/index.php
@@ -9,8 +9,9 @@
 require_once('mitsql.cfg.php');
 require_once('mitsql.lib.php');
 
+if (substr(URI, -strlen('do/index')) != 'do/index') redirect('main/do/index');
 isLoggedIn() && redirect('main');
-!DEVEL && $_SERVER['SERVER_NAME'] != 'sql.mit.edu' && redirect2('http://sql.mit.edu/');
+//!DEVEL && $_SERVER['SERVER_NAME'] != 'sql.mit.edu' && redirect2('http://sql.mit.edu/');
 
 //$LoginSSL->canSignup() && redirect('signup');
 //redirect('login');
Unnamed repository; edit this file 'description' to name the repository.
This page took 0.039484 seconds and 4 git commands to generate.