From 9734a2022703ad67409da0acf05cbe177a06419a Mon Sep 17 00:00:00 2001
From: printempw <h@prinzeugen.net>
Date: Sun, 3 Apr 2016 08:09:59 +0800
Subject: [PATCH] added HTTP redirect function

---
 admin/adduser.php         |  4 ++--
 admin/admin_ajax.php      |  4 ++--
 admin/customize.php       |  4 ++--
 admin/index.php           |  4 ++--
 admin/manage.php          |  4 ++--
 admin/options.php         |  4 ++--
 admin/update.php          |  4 ++--
 libraries/Utils.class.php | 20 ++++++++++++++++++--
 libraries/session.inc.php |  6 +++---
 setup/install.php         | 12 ++++++------
 10 files changed, 41 insertions(+), 25 deletions(-)

diff --git a/admin/adduser.php b/admin/adduser.php
index 5efcac71..1e8b3c74 100644
--- a/admin/adduser.php
+++ b/admin/adduser.php
@@ -3,10 +3,10 @@
  * @Author: printempw
  * @Date:   2016-03-19 21:00:58
  * @Last Modified by:   printempw
- * @Last Modified time: 2016-04-02 18:33:01
+ * @Last Modified time: 2016-04-03 07:55:53
  */
 require "../libraries/session.inc.php";
-if (!$user->is_admin) header('Location: ../index.php?msg=看起来你并不是管理员');
+if (!$user->is_admin) Utils::redirect('../index.php?msg=看起来你并不是管理员');
 View::show('admin/header', array('page_title' => "添加用户"));
 $db = new Database\Database('users');
 ?>
diff --git a/admin/admin_ajax.php b/admin/admin_ajax.php
index 164e06cd..359a584b 100644
--- a/admin/admin_ajax.php
+++ b/admin/admin_ajax.php
@@ -3,12 +3,12 @@
  * @Author: printempw
  * @Date:   2016-02-04 13:53:55
  * @Last Modified by:   printempw
- * @Last Modified time: 2016-03-27 11:29:16
+ * @Last Modified time: 2016-04-03 07:55:53
  */
 require "../libraries/session.inc.php";
 
 // Check token, won't allow non-admin user to access
-if (!$user->is_admin) header('Location: ../index.php?msg=看起来你并不是管理员');
+if (!$user->is_admin) Utils::redirect('../index.php?msg=看起来你并不是管理员');
 
 /*
  * No protection here,
diff --git a/admin/customize.php b/admin/customize.php
index 183a3c72..5729bd93 100644
--- a/admin/customize.php
+++ b/admin/customize.php
@@ -3,10 +3,10 @@
  * @Author: printempw
  * @Date:   2016-03-19 14:34:21
  * @Last Modified by:   printempw
- * @Last Modified time: 2016-04-02 18:33:01
+ * @Last Modified time: 2016-04-03 07:55:53
  */
 require "../libraries/session.inc.php";
-if (!$user->is_admin) header('Location: ../index.php?msg=看起来你并不是管理员');
+if (!$user->is_admin) Utils::redirect('../index.php?msg=看起来你并不是管理员');
 $data['style'] = <<< 'EOT'
 <link rel="stylesheet" href="../assets/libs/AdminLTE/dist/css/skins/_all-skins.min.css">
 <style>
diff --git a/admin/index.php b/admin/index.php
index b623c5e5..ee3de3b4 100644
--- a/admin/index.php
+++ b/admin/index.php
@@ -3,10 +3,10 @@
  * @Author: printempw
  * @Date:   2016-02-03 14:39:50
  * @Last Modified by:   printempw
- * @Last Modified time: 2016-04-02 18:33:02
+ * @Last Modified time: 2016-04-03 07:59:57
  */
 require "../libraries/session.inc.php";
-if (!$user->is_admin) header('Location: ../index.php?msg=看起来你并不是管理员');
+if (!$user->is_admin) Utils::redirect('../index.php?msg=看起来你并不是管理员');
 View::show('admin/header', array('page_title' => "仪表盘"));
 $db = new Database\Database('users');
 ?>
diff --git a/admin/manage.php b/admin/manage.php
index 3dc42942..f92eddcd 100644
--- a/admin/manage.php
+++ b/admin/manage.php
@@ -3,10 +3,10 @@
  * @Author: printempw
  * @Date:   2016-03-06 14:19:20
  * @Last Modified by:   printempw
- * @Last Modified time: 2016-04-02 18:33:02
+ * @Last Modified time: 2016-04-03 07:55:53
  */
 require "../libraries/session.inc.php";
-if (!$user->is_admin) header('Location: ../index.php?msg=看起来你并不是管理员');
+if (!$user->is_admin) Utils::redirect('../index.php?msg=看起来你并不是管理员');
 View::show('admin/header', array('page_title' => "用户管理"));
 $db = new Database\Database('users');
 
diff --git a/admin/options.php b/admin/options.php
index b696be81..f31321c5 100644
--- a/admin/options.php
+++ b/admin/options.php
@@ -3,10 +3,10 @@
  * @Author: printempw
  * @Date:   2016-03-18 22:50:25
  * @Last Modified by:   printempw
- * @Last Modified time: 2016-04-02 18:33:02
+ * @Last Modified time: 2016-04-03 07:55:54
  */
 require "../libraries/session.inc.php";
-if (!$user->is_admin) header('Location: ../index.php?msg=看起来你并不是管理员');
+if (!$user->is_admin) Utils::redirect('../index.php?msg=看起来你并不是管理员');
 View::show('admin/header', array('page_title' => "站点配置"));
 $db = new Database\Database('users');
 ?>
diff --git a/admin/update.php b/admin/update.php
index 43854db2..888c1a4e 100644
--- a/admin/update.php
+++ b/admin/update.php
@@ -3,10 +3,10 @@
  * @Author: printempw
  * @Date:   2016-03-27 15:03:40
  * @Last Modified by:   printempw
- * @Last Modified time: 2016-04-02 18:33:02
+ * @Last Modified time: 2016-04-03 07:55:54
  */
 require "../libraries/session.inc.php";
-if (!$user->is_admin) header('Location: ../index.php?msg=看起来你并不是管理员');
+if (!$user->is_admin) Utils::redirect('../index.php?msg=看起来你并不是管理员');
 View::show('admin/header', array('page_title' => "检查更新"));
 $db = new Database\Database('users');
 ?>
diff --git a/libraries/Utils.class.php b/libraries/Utils.class.php
index d9614c5d..da5eb6ec 100644
--- a/libraries/Utils.class.php
+++ b/libraries/Utils.class.php
@@ -3,7 +3,7 @@
  * @Author: printempw
  * @Date:   2016-01-16 23:01:33
  * @Last Modified by:   printempw
- * @Last Modified time: 2016-04-02 22:01:48
+ * @Last Modified time: 2016-04-03 08:07:39
  */
 
 class Utils
@@ -163,7 +163,13 @@ class Utils
         return false;
     }
 
-    public function generateRndString($length) {
+    /**
+     * Generate random string
+     *
+     * @param  int $length
+     * @return string
+     */
+    public static function generateRndString($length) {
         $chars = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789!@#$%^&*()-_ []{}<>~`+=,.;:/?|';
         $rnd_string = '';
         for ($i = 0; $i < $length; $i++) {
@@ -172,4 +178,14 @@ class Utils
         return $rnd_string;
     }
 
+    /**
+     * HTTP redirect
+     *
+     * @param  string $url
+     * @return null
+     */
+    public static function redirect($url) {
+        header('Location: '.$url);
+    }
+
 }
diff --git a/libraries/session.inc.php b/libraries/session.inc.php
index 28a1f54c..606fed3c 100644
--- a/libraries/session.inc.php
+++ b/libraries/session.inc.php
@@ -3,7 +3,7 @@
  * @Author: printempw
  * @Date:   2016-02-06 23:18:49
  * @Last Modified by:   printempw
- * @Last Modified time: 2016-03-26 18:47:49
+ * @Last Modified time: 2016-04-03 07:55:52
  */
 session_start();
 $dir = dirname(dirname(__FILE__));
@@ -18,8 +18,8 @@ if(isset($_COOKIE['uname']) && isset($_COOKIE['token'])) {
 if (isset($_SESSION['uname'])) {
     $user = new User($_SESSION['uname']);
     if ($_SESSION['token'] != $user->getToken()) {
-        header('Location: ../index.php?msg=无效的 token，请重新登录。');
+        Utils::redirect('../index.php?msg=无效的 token，请重新登录。');
     }
 } else {
-    header('Location: ../index.php?msg=非法访问，请先登录。');
+    Utils::redirect('../index.php?msg=非法访问，请先登录。');
 }
diff --git a/setup/install.php b/setup/install.php
index 1f9f6237..3cee36f6 100644
--- a/setup/install.php
+++ b/setup/install.php
@@ -3,7 +3,7 @@
  * @Author: printempw
  * @Date:   2016-01-16 23:01:33
  * @Last Modified by:   printempw
- * @Last Modified time: 2016-03-27 14:59:05
+ * @Last Modified time: 2016-04-03 07:55:52
  *
  * Blessing Skin Server Installer
  */
@@ -103,23 +103,23 @@ case 2:
 // check post
 if (isset($_POST['username']) && isset($_POST['password']) && isset($_POST['password2'])) {
     if ($_POST['password'] != $_POST['password2']) {
-        header('Location: install.php?step=2&msg=确认密码不一致。'); exit;
+        Utils::redirect('install.php?step=2&msg=确认密码不一致。'); exit;
     }
     $username = $_POST['username'];
     $password = $_POST['password'];
     $sitename = isset($_POST['sitename']) ? $_POST['sitename'] : "Blessing Skin Server";
     if (User::checkValidUname($username)) {
         if (strlen($password) > 16 || strlen($password) < 5) {
-            header('Location: install.php?step=2&msg=无效的密码。密码长度应该大于 6 并小于 15。');
+            Utils::redirect('install.php?step=2&msg=无效的密码。密码长度应该大于 6 并小于 15。');
             exit;
         } else if (Utils::convertString($password) != $password) {
-            header('Location: install.php?step=2&msg=无效的密码。密码中包含了奇怪的字符。'); exit;
+            Utils::redirect('install.php?step=2&msg=无效的密码。密码中包含了奇怪的字符。'); exit;
         }
     } else {
-        header('Location: install.php?step=2&msg=无效的用户名。用户名只能包含数字，字母以及下划线。'); exit;
+        Utils::redirect('install.php?step=2&msg=无效的用户名。用户名只能包含数字，字母以及下划线。'); exit;
     }
 } else {
-    header('Location: install.php?step=2&msg=表单信息不完整。'); exit;
+    Utils::redirect('install.php?step=2&msg=表单信息不完整。'); exit;
 }
 
 $table_users   = DB_PREFIX."users";