From aedc912d36153b131b3e3bc8a9813c104440aa4b Mon Sep 17 00:00:00 2001
From: Florian Eula <eula.florian@gmail.com>
Date: Fri, 21 Nov 2014 18:31:31 +0100
Subject: [PATCH] Prevents ?do=addlink from generating a 404 if the user is not
 logged in Fixes https://github.com/shaarli/Shaarli/issue/47

---
 index.php | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/index.php b/index.php
index f2410f7..35e83eb 100644
--- a/index.php
+++ b/index.php
@@ -1349,6 +1349,14 @@ function renderPage()
             header('Location: ?do=login&post='.urlencode($_GET['post']).(!empty($_GET['title'])?'&title='.urlencode($_GET['title']):'').(!empty($_GET['description'])?'&description='.urlencode($_GET['description']):'').(!empty($_GET['source'])?'&source='.urlencode($_GET['source']):'')); // Redirect to login page, then back to post link.
             exit;
         }
+
+		// Same case as above except that user tried to access ?do=addlink without being logged in
+		// Note: passing empty parameters makes Shaarli generate default URLs and descriptions.
+		if (isset($_GET['do']) && $_GET['do'] === 'addlink') {
+			header('Location: ?do=login&post=');
+			exit;
+		}
+
         $PAGE = new pageBuilder;
         buildLinkList($PAGE,$LINKSDB); // Compute list of links to display
         $PAGE->renderPage('linklist');