Commit 58ae4b33 authored by Robert Lyon's avatar Robert Lyon
Browse files

Bug 1774334: Correcting redirect on login for site in subdirectory 



The fix in Bug 1774309 fails to work correctly when the site
is in a subdirectory of the apache root.

To test:
1) Adjust your site's apache file and set the DocumentRoot to be
parent of htdocs
2) Change the 'wwwroot' db value for site to include the 'htdocs/' bit
3) Restart the apache server
4) Go to site, adding 'htdocs/' to url
5) Try logging in

before patch: end up not found page with url containing two 'htdocs/'

after patch: end up at correct place

behatnotneeded

Change-Id: Ic5e1de2c5edaf96bbdd9b2403f0f65e45a4b80c0
Signed-off-by: default avatarRobert Lyon <robertl@catalyst.net.nz>
(cherry picked from commit d9ce7d92)
parent 3fc5190a

htdocs/auth/lib.php

+8 −1
Original line number Diff line number Diff line
@@ -1645,7 +1645,14 @@ function login_submit(Pieform $form, $values) { 
    }



    // Do redirect on login to avoid browser back button exploit

    $requesturi = $_SERVER['SCRIPT_NAME'] . (!empty($_SERVER['QUERY_STRING']) ? '?' . $_SERVER['QUERY_STRING'] : '');

    // We need to strip the path from domain set in $wwwroot from the path we are trying

    // to get to.

    $wwwroot = get_config('wwwroot');

    $path = parse_url($wwwroot, PHP_URL_PATH);

    $path = substr($path, 0, -1); // Remove the last '/' character

    $scriptname = $_SERVER['SCRIPT_NAME'];

    $scriptname = str_replace($path, '', $scriptname);

    $requesturi = $scriptname . (!empty($_SERVER['QUERY_STRING']) ? '?' . $_SERVER['QUERY_STRING'] : '');

    redirect($requesturi);



}