1
Hi,
After installing XOOPS 2.2.3, I got following error:
XOOPS Site site security has detected that your computer has a firewall setting that is preventing you from registering on the site. We use 'Referrer-checking' know as HTTP_REFERER which makes sure that all contents posted are from authorised users only. Your firewall settings are blocking this information, so this will prevent you from registering properly if you try and proceed. [...]
In my test environment, I do not use default HTTP and HTTPS ports (80, 443) but something like 19080 and 19443. So the URL looks like
http://localhost:19080/.Due to this port number, the function checkReferer always returns false and XOOPS is not usable.
The problem comes from the test:
if ($pref['host'] != $_SERVER['HTTP_HOST']) { ...
In my environment, this condition will always be true as $pref['host'] value is 'localhost' and $_SERVER['HTTP_HOST'] value is 'localhost:19080'.
I've corrected it by updating these lines:
$pref = parse_url($ref);
if ( $pref['host'] != $_SERVER['HTTP_HOST'] ) {
return false;
}
by:
$pref = parse_url($ref);
$local_url = $pref['host'];
if ( $pref['port'] <> '' ) $local_url .= ':'.$pref['port'];
if ( $local_url != $_SERVER['HTTP_HOST'] ) {
return false;
}
I do not know if it is the best way to correct it but now it works.
