diff options
| -rw-r--r-- | core/templates/login.php | 2 | ||||
| -rw-r--r-- | lib/base.php | 2 | ||||
| -rwxr-xr-x | lib/util.php | 10 |
3 files changed, 6 insertions, 8 deletions
diff --git a/core/templates/login.php b/core/templates/login.php index 0768b664c6f..e8db883c9d0 100644 --- a/core/templates/login.php +++ b/core/templates/login.php @@ -1,7 +1,7 @@ <!--[if IE 8]><style>input[type="checkbox"]{padding:0;}</style><![endif]--> <form method="post"> <fieldset> - <?php if(!empty($_['redirect'])) { echo '<input type="hidden" name="redirect_url" value="'.$_['redirect'].'" />'; } ?> + <?php if(!empty($_['redirect_url'])) { echo '<input type="hidden" name="redirect_url" value="'.$_['redirect_url'].'" />'; } ?> <ul> <?php if(isset($_['invalidcookie']) && ($_['invalidcookie'])): ?> <li class="errors"> diff --git a/lib/base.php b/lib/base.php index 5c3d3fb80ce..eee36da2eb2 100644 --- a/lib/base.php +++ b/lib/base.php @@ -656,7 +656,7 @@ class OC{ else { OC_User::unsetMagicInCookie(); } - header( 'Location: '.$_SERVER['REQUEST_URI'] ); + OC_Util::redirectToDefaultPage(); exit(); } return true; diff --git a/lib/util.php b/lib/util.php index de89e339d99..622a42982c3 100755 --- a/lib/util.php +++ b/lib/util.php @@ -340,10 +340,8 @@ class OC_Util { } if (isset($_REQUEST['redirect_url'])) { $redirect_url = OC_Util::sanitizeHTML($_REQUEST['redirect_url']); - } else { - $redirect_url = $_SERVER['REQUEST_URI']; - } - $parameters['redirect_url'] = $redirect_url; + } + $parameters['redirect_url'] = urlencode($redirect_url); OC_Template::printGuestPage("", "login", $parameters); } @@ -439,8 +437,8 @@ class OC_Util { * Redirect to the user default page */ public static function redirectToDefaultPage() { - if(isset($_REQUEST['redirect_url']) && (substr($_REQUEST['redirect_url'], 0, strlen(OC::$WEBROOT)) == OC::$WEBROOT || $_REQUEST['redirect_url'][0] == '/')) { - $location = $_REQUEST['redirect_url']; + if(isset($_REQUEST['redirect_url'])) { + $location = OC_Helper::makeURLAbsolute(urldecode($_REQUEST['redirect_url'])); } else if (isset(OC::$REQUESTEDAPP) && !empty(OC::$REQUESTEDAPP)) { $location = OC_Helper::linkToAbsolute( OC::$REQUESTEDAPP, 'index.php' ); |