Redirect Loop allowed because you can add main site domain as an alias

The issue here is that in our invocation of hook_validate(), we implement the hosting_domain_allowed() API hook to see if this is a valid URL or if it has already been taken.

The problem is that hosting_domain_allowed() hook optionally takes an array of parameters as an arg, and in the API hook itself we check if such a parameter was provided called 'nid' and then we append 'IS NOT $nid' to the query. In other words, the result looks something like:

SELECT COUNT(n.nid) FROM node n LEFT JOIN hosting_site h ON h.nid=n.nid LEFT JOIN hosting_site_alias a  ON n.vid = a.vid WHERE n.type='site' AND a.alias='vagrant-debian-squeeze.vagrantup.com' AND h.status <> 2 AND n.nid <> 10;

This will return a 0 count because the node in which this URL *does* appear in, is the same node as the site itself, obviously! Take off the AND n.nid <> 10 and you'll get a count of 1, because yes indeed, this URL *is* already in use *somewhere*, just happens to be this very node itself.

However! We can't just drop the nid argument off this invocation, because it prevents us ever editing the site node again (the submission of the form will fail from thereon: we probably found this bug once and that's what we did to fix it)

For this reason I think the only fix is to add an additional conditional in this check to error if the $alias is identical to the $node->title, which should never be allowed. Tested this and it's working for me..

Patch attached.