Index: t3lib/class.t3lib_div.php =================================================================== --- t3lib/class.t3lib_div.php (Revision 8442) +++ t3lib/class.t3lib_div.php (Arbeitskopie) @@ -3576,6 +3576,22 @@ } /** + * Checks if a given string is a valid frame URL to be loaded in the + * backend. + * + * This is a wrapper for sanitizeBackEndUrl() which only exists in TYPO3 4.1. + * Since TYPO3 4.2 the method is called sanitizeLocalUrl(). + * + * @param string $url potential URL to check + * + * @return string either $url if $url is considered to be harmless, or an + * empty string otherwise + */ + function sanitizeLocalUrl($url = '') { + return t3lib_div::sanitizeBackEndUrl($url); + } + + /** * Moves $source file to $destination if uploaded, otherwise try to make a copy * Usage: 4 * Index: typo3/tce_db.php =================================================================== --- typo3/tce_db.php (Revision 8442) +++ typo3/tce_db.php (Arbeitskopie) @@ -112,7 +112,7 @@ $this->cmd = t3lib_div::_GP('cmd'); $this->mirror = t3lib_div::_GP('mirror'); $this->cacheCmd = t3lib_div::_GP('cacheCmd'); - $this->redirect = t3lib_div::sanitizeLocalUrl(t3lib_div::_GP('redirect')); + $this->redirect = t3lib_div::sanitizeBackEndUrl(t3lib_div::_GP('redirect')); $this->prErr = t3lib_div::_GP('prErr'); $this->_disableRTE = t3lib_div::_GP('_disableRTE'); $this->CB = t3lib_div::_GP('CB'); Index: typo3/logout.php =================================================================== --- typo3/logout.php (Revision 8442) +++ typo3/logout.php (Arbeitskopie) @@ -72,7 +72,7 @@ $BE_USER->writelog(255,2,0,1,'User %s logged out from TYPO3 Backend',Array($BE_USER->user['username'])); // Logout written to log $BE_USER->logoff(); - $redirect = t3lib_div::sanitizeLocalUrl(t3lib_div::_GP('redirect')); + $redirect = t3lib_div::sanitizeBackEndUrl(t3lib_div::_GP('redirect')); $redirectUrl = $redirect ? $redirect : 'index.php'; header('Location: '.t3lib_div::locationHeaderUrl($redirectUrl));