Commit d9ce7d92 authored by Robert Lyon's avatar Robert Lyon
Browse files

Bug 1774334: Correcting redirect on login for site in subdirectory



The fix in Bug 1774309 fails to work correctly when the site
is in a subdirectory of the apache root.

To test:
1) Adjust your site's apache file and set the DocumentRoot to be
parent of htdocs
2) Change the 'wwwroot' db value for site to include the 'htdocs/' bit
3) Restart the apache server
4) Go to site, adding 'htdocs/' to url
5) Try logging in

before patch: end up not found page with url containing two 'htdocs/'

after patch: end up at correct place

behatnotneeded

Change-Id: Ic5e1de2c5edaf96bbdd9b2403f0f65e45a4b80c0
Signed-off-by: Robert Lyon's avatarRobert Lyon <robertl@catalyst.net.nz>
parent 1eb72aa4
......@@ -1816,7 +1816,14 @@ function login_submit(Pieform $form, $values) {
}
// Do redirect on login to avoid browser back button exploit
$requesturi = $_SERVER['SCRIPT_NAME'] . (!empty($_SERVER['QUERY_STRING']) ? '?' . $_SERVER['QUERY_STRING'] : '');
// We need to strip the path from domain set in $wwwroot from the path we are trying
// to get to.
$wwwroot = get_config('wwwroot');
$path = parse_url($wwwroot, PHP_URL_PATH);
$path = substr($path, 0, -1); // Remove the last '/' character
$scriptname = $_SERVER['SCRIPT_NAME'];
$scriptname = str_replace($path, '', $scriptname);
$requesturi = $scriptname . (!empty($_SERVER['QUERY_STRING']) ? '?' . $_SERVER['QUERY_STRING'] : '');
redirect($requesturi);
}
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment