From 3348010307436044a4eff510dfb8c2b26af91e39 Mon Sep 17 00:00:00 2001
From: Jan-Hendrik Willms <tleilax+studip@gmail.com>
Date: Thu, 11 Nov 2021 15:42:39 +0000
Subject: [PATCH] simplify and fix linking

---
 public/seminar_main.php | 12 ++++--------
 1 file changed, 4 insertions(+), 8 deletions(-)

diff --git a/public/seminar_main.php b/public/seminar_main.php
index 7958a7f5e09..0e7eed1e9ea 100644
--- a/public/seminar_main.php
+++ b/public/seminar_main.php
@@ -62,17 +62,13 @@ if (Request::get('auswahl')) {
 
 
 // gibt es eine Anweisung zur Umleitung?
-if (Request::get('redirect_to')) {
-    $query_parts = explode('&', mb_stristr(urldecode($_SERVER['QUERY_STRING']), 'redirect_to'));
-    list( , $where_to) = explode('=', array_shift($query_parts));
-    $new_query = $where_to . '?' . join('&', $query_parts);
-    $new_query = preg_replace('/[^:0-9a-z+_.#?&=\/-]/i', '', $new_query);
-
-    if (preg_match('~^(\w+:)?//~', $new_query) && !is_internal_url($new_query)) {
+$redirect_to = Request::get('redirect_to');
+if ($redirect_to) {
+    if (!is_internal_url($redirect_to)) {
         throw new Exception('Invalid redirection');
     }
 
-    header('Location: '.URLHelper::getURL($new_query, ['cid' => $course_id]));
+    header('Location: '.URLHelper::getURL($redirect_to, ['cid' => $course_id]));
     die;
 }
 
-- 
GitLab