From 6105091c6a2fc22e3c40830dd67762f8beec4dac Mon Sep 17 00:00:00 2001
From: Herman van Rink <rink@initfour.nl>
Date: Tue, 16 Jun 2020 11:36:12 +0200
Subject: [PATCH] Clicking from search result alias/child domain failed to
 open, fixes #5607

---
 interface/web/capp.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/interface/web/capp.php b/interface/web/capp.php
index 39392691f8..5d49fe80d7 100644
--- a/interface/web/capp.php
+++ b/interface/web/capp.php
@@ -43,7 +43,7 @@ if($_SESSION["s"]["user"]['active'] != 1) {
 }
 
 if(!preg_match("/^[a-z]{2,20}$/i", $mod)) die('module name contains unallowed chars.');
-if($redirect != '' && !preg_match("/^[a-z0-9]+\/[a-z0-9_\.\-]+\?id=[0-9]{1,9}$/i", $redirect)) die('redirect contains unallowed chars.');
+if($redirect != '' && !preg_match("/^[a-z0-9]+\/[a-z0-9_\.\-]+\?id=[0-9]{1,9}(\&type=[a-z0-9_\.\-]+)?$/i", $redirect)) die('redirect contains unallowed chars.');
 
 //* Check if user may use the module.
 $user_modules = explode(",", $_SESSION["s"]["user"]["modules"]);
-- 
GitLab