function uc_referer_check in Ubercart 6.2
Same name and namespace in other branches
- 5 uc_store/uc_store.module \uc_referer_check()
Checks referers to see if they are in the allowed list.
2 calls to uc_referer_check()
- uc_cart_checkout_form in uc_cart/
uc_cart.pages.inc - The checkout form built up from the enabled checkout panes.
- uc_cart_checkout_review in uc_cart/
uc_cart.pages.inc - Allows a customer to review their order before finally submitting it.
File
- uc_store/
uc_store.module, line 2141 - Contains global Ubercart functions and store administration functionality.
Code
function uc_referer_check($urls) {
global $base_path;
$http_referer = uc_referer_uri();
// Always return true if we have no referer; covers the case of page refreshes
// and switching from HTTP to HTTPS. This bypasses the two-time check below...
// is it safe?
if (empty($http_referer)) {
return TRUE;
}
// Check the user didn't shamelessly two-time us with another site.
$referer = parse_url($http_referer);
if ($referer['host'] != $_SERVER['SERVER_NAME']) {
return FALSE;
}
// Check the base path.
if (strncmp($referer['path'], $base_path, strlen($base_path))) {
return FALSE;
}
// Convert any path aliases.
$path = drupal_get_normal_path(substr($referer['path'], strlen($base_path)));
// The check itself.
return in_array($path, $urls);
}