refactor: use RedirectResponse class instead of header()

Author: thorsten

phpmyfaq/add.php

@@ -22,6 +22,7 @@
 use phpMyFAQ\Question;
 use phpMyFAQ\Strings;
 use phpMyFAQ\Translation;
+use Symfony\Component\HttpFoundation\RedirectResponse;
 use Symfony\Component\HttpFoundation\Request;
 
 if (!defined('IS_VALID_PHPMYFAQ')) {
@@ -33,14 +34,14 @@
 
 // Check user permissions
 if (-1 === $user->getUserId() && !$faqConfig->get('records.allowNewFaqsForGuests')) {
-    header('Location:' . $faqSystem->getSystemUri($faqConfig) . '?action=login');
-    exit;
+    $redirect = new RedirectResponse($faqSystem->getSystemUri($faqConfig) . '?action=login');
+    $redirect->send();
 }
 
 // Check permission to add new faqs
 if (-1 !== $user->getUserId() && !$user->perm->hasPermission($user->getUserId(), 'addfaq')) {
-    header('Location:' . $faqSystem->getSystemUri($faqConfig));
-    exit;
+    $redirect = new RedirectResponse($faqSystem->getSystemUri($faqConfig));
+    $redirect->send();
 }
 
 $captcha = Captcha::getInstance($faqConfig);

phpmyfaq/ask.php

@@ -21,7 +21,7 @@
 use phpMyFAQ\Helper\CategoryHelper as HelperCategory;
 use phpMyFAQ\Strings;
 use phpMyFAQ\Translation;
-use phpMyFAQ\User\CurrentUser;
+use Symfony\Component\HttpFoundation\RedirectResponse;
 use Symfony\Component\HttpFoundation\Request;
 
 if (!defined('IS_VALID_PHPMYFAQ')) {
@@ -31,7 +31,8 @@
 
 // Check user permissions
 if ((-1 === $user->getUserId() && !$faqConfig->get('records.allowQuestionsForGuests'))) {
-    header('Location:' . $faqSystem->getSystemUri($faqConfig) . '?action=login');
+    $redirect = new RedirectResponse($faqSystem->getSystemUri($faqConfig) . '?action=login');
+    $redirect->send();
 }
 
 $request = Request::createFromGlobals();

phpmyfaq/index.php

@@ -201,10 +201,11 @@
     $action = 'main';
     $ssoLogout = $faqConfig->get('security.ssoLogoutRedirect');
     if ($faqConfig->get('security.ssoSupport') && !empty($ssoLogout)) {
-        header('Location: ' . $ssoLogout);
+        $redirect = new RedirectResponse($ssoLogout);
     } else {
-        header('Location: ' . $faqConfig->getDefaultUrl());
+        $redirect = new RedirectResponse($faqConfig->getDefaultUrl());
     }
+    $redirect->send();
 }
 
 //

phpmyfaq/register.php

@@ -19,6 +19,7 @@
 use phpMyFAQ\Captcha\Captcha;
 use phpMyFAQ\Captcha\Helper\CaptchaHelper;
 use phpMyFAQ\Translation;
+use Symfony\Component\HttpFoundation\RedirectResponse;
 use Symfony\Component\HttpFoundation\Request;
 
 if (!defined('IS_VALID_PHPMYFAQ')) {
@@ -29,8 +30,8 @@
 $request = Request::createFromGlobals();
 
 if (!$faqConfig->get('security.enableRegistration')) {
-    header('Location:' . $faqSystem->getSystemUri($faqConfig));
-    exit();
+    $redirect = new RedirectResponse($faqSystem->getSystemUri($faqConfig));
+    $redirect->send();
 }
 
 try {

phpmyfaq/services/twitter/callback.php

@@ -18,6 +18,7 @@
 
 use Abraham\TwitterOAuth\TwitterOAuth;
 use phpMyFAQ\Filter;
+use Symfony\Component\HttpFoundation\RedirectResponse;
 
 //
 // Prepend and start the PHP session
@@ -42,8 +43,8 @@
 
 if (isset($oAuthToken) && $requestToken['oauth_token'] !== $oAuthToken) {
     $_SESSION['oauth_status'] = 'oldtoken';
-    header('Location: ./clearsessions.php');
-    exit;
+    $redirect = new RedirectResponse('./clearsessions.php');
+    $redirect->send();
 }
 
 $connection = new TwitterOAuth(
@@ -61,7 +62,9 @@
     $_SESSION['access_token'] = $accessToken;
     $_SESSION['status'] = 'verified';
 
-    header('Location: ./index.php');
+    $redirect = new RedirectResponse('./index.php');
+    $redirect->send();
 } else {
-    header('Location: ./clearsessions.php');
+    $redirect = new RedirectResponse('./clearsessions.php');
+    $redirect->send();
 }

phpmyfaq/services/twitter/clearsessions.php

@@ -7,14 +7,16 @@
  * v. 2.0. If a copy of the MPL was not distributed with this file, You can
  * obtain one at https://mozilla.org/MPL/2.0/.
  *
- * @package phpMyFAQ
- * @author Thorsten Rinne <thorsten@phpmyfaq.de>
+ * @package   phpMyFAQ
+ * @author    Thorsten Rinne <thorsten@phpmyfaq.de>
  * @copyright 2010-2023 phpMyFAQ Team
- * @license https://www.mozilla.org/MPL/2.0/ Mozilla Public License Version 2.0
- * @link https://www.phpmyfaq.de
- * @since 2010-09-18
+ * @license   https://www.mozilla.org/MPL/2.0/ Mozilla Public License Version 2.0
+ * @link      https://www.phpmyfaq.de
+ * @since     2010-09-18
  */
 
+use Symfony\Component\HttpFoundation\RedirectResponse;
+
 //
 // Prepend and start the PHP session
 //
@@ -27,5 +29,7 @@
 require PMF_ROOT_DIR . '/src/Bootstrap.php';
 
 session_destroy();
+session_start();
 
-header('Location: ./connect.php');
+$redirect = new RedirectResponse('./connect.php');
+$redirect->send();

phpmyfaq/services/twitter/index.php

@@ -18,6 +18,8 @@
 
 use Abraham\TwitterOAuth\TwitterOAuth;
 use Abraham\TwitterOAuth\TwitterOAuthException;
+use phpMyFAQ\Configuration;
+use Symfony\Component\HttpFoundation\RedirectResponse;
 
 //
 // Prepend and start the PHP session
@@ -30,12 +32,15 @@
 //
 require PMF_ROOT_DIR . '/src/Bootstrap.php';
 
+$faqConfig = Configuration::getConfigurationInstance();
+
 if (
     empty($_SESSION['access_token']) ||
     empty($_SESSION['access_token']['oauth_token']) ||
     empty($_SESSION['access_token']['oauth_token_secret'])
 ) {
-    header('Location: ./clearsessions.php');
+    $redirect = new RedirectResponse('./clearsessions.php');
+    $redirect->send();
 }
 
 $accessToken = $_SESSION['access_token'];
@@ -55,5 +60,6 @@
 $content = $connection->get('account/verify_credentials');
 
 if (isset($content->screen_name)) {
-    header('Location: ../../admin/index.php');
+    $redirect = new RedirectResponse('../../admin/index.php');
+    $redirect->send();
 }

phpmyfaq/services/twitter/redirect.php

@@ -17,6 +17,8 @@
  */
 
 use Abraham\TwitterOAuth\TwitterOAuth;
+use phpMyFAQ\Configuration;
+use Symfony\Component\HttpFoundation\RedirectResponse;
 
 //
 // Prepend and start the PHP session
@@ -29,6 +31,8 @@
 //
 require PMF_ROOT_DIR . '/src/Bootstrap.php';
 
+$faqConfig = Configuration::getConfigurationInstance();
+
 $connection = new TwitterOAuth(
     $faqConfig->get('socialnetworks.twitterConsumerKey'),
     $faqConfig->get('socialnetworks.twitterConsumerSecret')
@@ -45,7 +49,8 @@
 switch ($connection->getLastHttpCode()) {
     case 200:
         $url = $connection->url('oauth/authorize', ['oauth_token' => $requestToken['oauth_token']]);
-        header('Location: ' . $url);
+        $redirect = new RedirectResponse($url);
+        $redirect->send();
         break;
     default:
         echo 'Could not connect to Twitter. Refresh the page or try again later.';

phpmyfaq/setup/update.php

@@ -27,6 +27,7 @@
 use phpMyFAQ\Setup\Update;
 use phpMyFAQ\Strings;
 use phpMyFAQ\System;
+use Symfony\Component\HttpFoundation\RedirectResponse;
 
 const COPYRIGHT = '&copy; 2001-2023 <a target="_blank" href="//www.phpmyfaq.de/">phpMyFAQ Team</a>';
 const IS_VALID_PHPMYFAQ = null;
@@ -48,8 +49,8 @@
 $query = [];
 
 if (!file_exists(PMF_ROOT_DIR . '/config/database.php')) {
-    header('Location: index.php');
-    exit();
+    $redirect = new RedirectResponse('./index.php');
+    $redirect->send();
 }
 
 $dbConfig = new DatabaseConfiguration(PMF_ROOT_DIR . '/config/database.php');

phpmyfaq/src/Bootstrap.php

@@ -24,6 +24,7 @@
 use phpMyFAQ\Database;
 use phpMyFAQ\Core\Exception;
 use phpMyFAQ\Init;
+use Symfony\Component\HttpFoundation\RedirectResponse;
 use Symfony\Component\HttpFoundation\Request;
 
 //
@@ -92,8 +93,8 @@
 // Check if config/database.php exist -> if not, redirect to installer
 //
 if (!file_exists(PMF_CONFIG_DIR . '/database.php')) {
-    header('Location: ./setup/index.php');
-    exit();
+    $redirect = new RedirectResponse('./setup/index.php');
+    $redirect->send();
 }
 
 //

phpmyfaq/src/phpMyFAQ/Auth/AuthAzureActiveDirectory.php

@@ -118,6 +118,7 @@ public function isValidLogin(string $login, array $optionalData = []): int
     /**
      * Method to authorize against Azure AD
      *
+     * @throws \Exception
      */
     public function authorize(): void
     {
@@ -156,12 +157,16 @@ public function logout(): void
 
         $user->getUserByLogin($user->getLogin());
         $user->deleteFromSession(true);
-        header('Location: ' . self::AAD_LOGOUT_URL);
+
+        $redirect = new RedirectResponse(self::AAD_LOGOUT_URL);
+        $redirect->send();
     }
 
     /**
      * Method to generate code verifier and code challenge for oAuth login.
      * See RFC7636 for details.
+     *
+     * @throws \Exception
      */
     private function createOAuthChallenge(): void
     {

phpmyfaq/ucp.php

@@ -15,19 +15,23 @@
  * @since     2012-01-12
  */
 
+use phpMyFAQ\Configuration;
 use phpMyFAQ\Services\Gravatar;
 use phpMyFAQ\Session\Token;
 use phpMyFAQ\Strings;
 use phpMyFAQ\Translation;
 use phpMyFAQ\User\CurrentUser;
 use phpMyFAQ\User\TwoFactor;
 use RobThree\Auth\TwoFactorAuthException;
+use Symfony\Component\HttpFoundation\RedirectResponse;
 
 if (!defined('IS_VALID_PHPMYFAQ')) {
     http_response_code(400);
     exit();
 }
 
+$faqConfig = Configuration::getConfigurationInstance();
+
 if ($user->isLoggedIn()) {
     try {
         $faqSession->userTracking('user_control_panel', $user->getUserId());
@@ -97,7 +101,7 @@
         ]
     );
 } else {
-    // Redirect to login
-    header('Location: ' . $faqConfig->getDefaultUrl());
-    exit();
+    // Redirect to login page
+    $redirect = new RedirectResponse($faqConfig->getDefaultUrl());
+    $redirect->send();
 }