Forums / Developer / Login and redirectionURI

Login and redirectionURI

Previous topic

Developer

Next topic

Author	Message
Carlos Revillo	Wednesday 02 February 2011 8:44:28 am Hi there. If you do your own login template you can add hidden field called "RedirectURI" where you can add an url to redirect the user after login. Looking at kernel/user/login.php we can see this piece of code // Determine if we already know redirection URI. $haveRedirectionURI = ( $redirectionURI != '' && $redirectionURI != '/' ); so, question is... why this protection against redirectionURI == '/'. In our project we have lot of siteaccess and host base access. there's one or more admins per (sub)domain and we want them lo stay in home after login. so we thought adding '/' as RedirectionURI field will be enough. In fact, if doing that code continues to if ( !$haveRedirectionURI ) $redirectionURI = $ini->variable( 'SiteSettings', 'DefaultPage' ); You can set '/' for that setting and works as expected... so, what's the point in the first check? any unwanted side effect maybe? Cheers.
Bertrand Dunogier	Wednesday 02 February 2011 8:58:35 am All I can say for now is that this is quite old (march 2006), and is supposed to fix a bug in redirections... can't say much more: https://github.com/ezsystems/Exponential/commit/b2866f1ae5d21ff235c7e344b87652f20da7041c Bertrand Dunogier eZ Systems Engineering, Lyon http://twitter.com/bdunogier http://gplus.to/BertrandDunogier
André R.	Thursday 03 February 2011 2:38:50 am git blame is key here (something you can do online on github if you want) :) eZ Online Editor 5: http://projects.ez.no/ezoe \|\| eZJSCore (Ajax): http://projects.ez.no/ezjscore \|\| eZ Publish EE http://ez.no/eZPublish/eZ-Publish-Enterprise-Subscription @: http://twitter.com/andrerom

Author

Message

Carlos Revillo

Wednesday 02 February 2011 8:44:28 am

Hi there.

If you do your own login template you can add hidden field called "RedirectURI" where you can add an url to redirect the user after login.

Looking at kernel/user/login.php we can see this piece of code

 // Determine if we already know redirection URI.
    $haveRedirectionURI = ( $redirectionURI != '' && $redirectionURI != '/' );

so, question is... why this protection against redirectionURI == '/'.

In our project we have lot of siteaccess and host base access. there's one or more admins per (sub)domain and we want them lo stay in home after login. so we thought adding '/' as RedirectionURI field will be enough.

In fact, if doing that code continues to

 if ( !$haveRedirectionURI )
        $redirectionURI = $ini->variable( 'SiteSettings', 'DefaultPage' );

You can set '/' for that setting and works as expected... so, what's the point in the first check? any unwanted side effect maybe?

Cheers.

Bertrand Dunogier

Wednesday 02 February 2011 8:58:35 am

All I can say for now is that this is quite old (march 2006), and is supposed to fix a bug in redirections... can't say much more:

https://github.com/ezsystems/Exponential/commit/b2866f1ae5d21ff235c7e344b87652f20da7041c

Bertrand Dunogier
eZ Systems Engineering, Lyon
http://twitter.com/bdunogier
http://gplus.to/BertrandDunogier

André R.

Thursday 03 February 2011 2:38:50 am

git blame is key here (something you can do online on github if you want) :)

eZ Online Editor 5: http://projects.ez.no/ezoe || eZJSCore (Ajax): http://projects.ez.no/ezjscore || eZ Publish EE http://ez.no/eZPublish/eZ-Publish-Enterprise-Subscription
@: http://twitter.com/andrerom