| Anonymous | Login | Signup for a new account | 2013-05-25 16:16 EDT |  |
| Main | My View | View Issues | Change Log | Roadmap | Wiki | ManTweet | Repositories |
| View Issue Details [ Jump to Notes ] [ Wiki ] | [ Issue History ] [ Print ] | ||||||||
| ID | Project | Category | View Status | Date Submitted | Last Update | ||||
| 0006866 | mantisbt | customization | public | 2006-03-17 14:15 | 2006-09-12 00:52 | ||||
| Reporter | lucians | ||||||||
| Assigned To | vboctor | ||||||||
| Priority | normal | Severity | minor | Reproducibility | always | ||||
| Status | closed | Resolution | fixed | ||||||
| Platform | OS | OS Version | |||||||
| Product Version | 1.0.1 | ||||||||
| Target Version | Fixed in Version | 1.1.0a1 | |||||||
| Summary | 0006866: User redirection after logging out | ||||||||
| Description | Hi, I specified in config_inc.php a specific page to be used for redirection of users, but doesn't work. User is redirected to login page regardless at my setup. Thanks, Lucian | ||||||||
| Tags | No tags attached. | ||||||||
| Attached Files | |||||||||
 Relationships |
|
 Relationships |
|
Notes |
|
 (0012383)vboctor (administrator) 2006-03-21 06:34 |
Which version of Mantis are you using? Are you setting it up as follows? $g_logout_redirect_page = '%path%my_page.php'; |
|
(0012387) vboctor (administrator) 2006-03-21 07:12 |
Found and fixed in CVS. Will be included in Mantis 1.1.0. Index: logout_page.php =================================================================== RCS file: /cvsroot/mantisbt/mantisbt/logout_page.php,v retrieving revision 1.17 diff -u -r1.17 logout_page.php --- logout_page.php 30 May 2004 01:49:31 -0000 1.17 +++ logout_page.php 21 Mar 2006 12:10:11 -0000 @@ -18,5 +18,5 @@ auth_http_set_logout_pending( true ); } - print_header_redirect( config_get( 'logout_redirect_page' ) ); + print_header_redirect( config_get( 'logout_redirect_page' ), /* die */ true, /* sanitize */ false ); ?> Index: core/print_api.php =================================================================== RCS file: /cvsroot/mantisbt/mantisbt/core/print_api.php,v retrieving revision 1.150 diff -u -r1.150 print_api.php --- core/print_api.php 3 Feb 2006 03:46:12 -0000 1.150 +++ core/print_api.php 21 Mar 2006 12:09:41 -0000 @@ -26,15 +26,17 @@ # immediately # If we have handled any errors on this page and the 'stop_on_errors' config # option is turned on, return false and don't redirect. - function print_header_redirect( $p_url, $p_die = true ) { + # $p_sanitize - true/false - true in the case where the URL is extracted from GET/POST or untrusted source. + # This would be false if the URL is trusted (e.g. read from config_inc.php). + function print_header_redirect( $p_url, $p_die = true, $p_sanitize = true ) { $t_use_iis = config_get( 'use_iis'); if ( ON == config_get( 'stop_on_errors' ) && error_handled() ) { return false; } - + # validate the url as part of this site before continuing - $t_url = string_sanitize_url( $p_url ); + $t_url = $p_sanitize ? string_sanitize_url( $p_url ) : $p_url; # don't send more headers if they have already been sent (guideweb) if ( ! headers_sent() ) { |
|
Notes |
|
Issue History |
|||
| Date Modified | Username | Field | Change |
| 2006-03-17 14:15 | lucians | New Issue | |
| 2006-03-21 06:34 | vboctor | Note Added: 0012383 | |
| 2006-03-21 06:34 | vboctor | Status | new => feedback |
| 2006-03-21 07:12 | vboctor | Status | feedback => resolved |
| 2006-03-21 07:12 | vboctor | Fixed in Version | => 1.1.0 |
| 2006-03-21 07:12 | vboctor | Resolution | open => fixed |
| 2006-03-21 07:12 | vboctor | Assigned To | => vboctor |
| 2006-03-21 07:12 | vboctor | Note Added: 0012387 | |
| 2006-09-12 00:52 | vboctor | Status | resolved => closed |
|
Issue History |
| MantisBT 1.2.16dev master-1.2.x-8c2bd07 [^]
Copyright © 2000 - 2013 MantisBT Team
Time: 0.0841 seconds. memory usage: 2,776 KB |
|