Bug #18936
closedredirect after logout does not work
0%
Description
I'm using T3 4.2.1 and realURL 1.4.0
After beeing logged an moving to a page where only logged in users have access and trying to log out frpom this page i allways get a 404 because redirection doesn't work.
For example:
1) I login on this page: example.com/restricted/
2) Than i see the hidden content on this page an get an menu to move further in this area
3) I go to example.com/restricted/further/ and till that point everything works as expected
4) Because of having the felogin plugin on every page in the rootline of example.com/restricted/ i can logout on example.com/restricted/further/ or any other site with example.com/restricted/*/
5) try to logout on any other page than example.com/restricted/ gives a 404 because if i try to logout on example.com/restricted/further/ i get redirected to example.com/restricted/further/ which is at this point "not there"
I'll hope i made it clear.
I'm not using any FlexForm config because i implemented the plugin with TS. Perhaps i made some mistake.
My TS settings are as follows:
plugin.tx_felogin_pi1 {
storagePid = 92
templateFile = path/to/template/
wrapContentInBaseClass = 1
showForgotPasswordLink = 1
showPermaLogin = 0
preserveGETvars = all
redirectMode = logout
redirectPageLogout = 57
redirectDisable = 0
email_from = email@doman.com
email_fromName = email from
replyTo = email@doman.com
linkConfig {
target =
title = title
}
welcomeHeader_stdWrap {
wrap = <h2 class="open">|</h2>
}
welcomeMessage_stdWrap {
wrap = |
}
successHeader_stdWrap {
wrap = <h2>|</h2>
}
successMessage_stdWrap {
wrap = <p>|</p>
}
logoutHeader_stdWrap {
wrap = <h2>|</h2>
}
logoutMessage_stdWrap {
wrap = <p>|</p>
}
errorHeader_stdWrap {
wrap = <h2 class="open">|</h2>
}
errorMessage_stdWrap {
wrap = <p>|</p>
}
forgotHeader_stdWrap {
wrap = <h2 class="open">|</h2>
}
forgotMessage_stdWrap {
wrap = <p>|</p>
}
}
lib.hisLogin < plugin.tx_felogin_pi1
(issue imported from #M8677)
Files
Updated by Oliver N. over 16 years ago
I can confirm this error for all redirects - configured with TS or FF.
Structural example:
(page): useraccount (access for all)
- (page): login (access if not logged in)
- (page): myaccount (acces if logged in)
loginform at login redirects on succesful login to "myaccount"
loginform at myaccount redirects on logout to "login"
Login from page useraccount/login results in Error 404
Logout results in Error 404
If the login and myaccount pages are changed to acces for all, the redirect works.
It seems like first the login in processed to the current page and the redirection is done in a second step.
Updated by Steffen Kamper over 16 years ago
please keep in mind that redirect is computed in the plugin itself. So after any action, the current page is called, the plugin looks for the redirect code and does the redirect.
If you logout from an access-restricted page it won't work.
Updated by Dennis Geldmacher over 16 years ago
Ok, but i think it should be possible to logout from a access-restricted page and get redirected to a normal page after that. Just imagine a bigger settings area for account configurations or a whole page tree for special users.
An alternative at this point would be to only allow login and logout on just one page. But this is far away from user friendly. ;)
Another alternative could be to allow access to all pages an just disalow acces to its content. But by this you have a bunch of emtpy pages or pages that say "you have to login first". This looks bad in my eyes and is indexed by search engines for example. So this is no good alternative i think.
And i think a lot of web users are used to have the possibility to login and to logout from everywhere on the page.
Or am i thinking totaly wrong?
Updated by Steffen Kamper over 16 years ago
I think i have an idea for logout, i will try to do, so it will we possible to logout also from access restricted pages with redirect.
Updated by Dennis Geldmacher over 16 years ago
I think this would be a great feature for this plugin and makes T3 in that case more usable for developing sites with special community areas or something like this.
Updated by Steffen Kamper over 16 years ago
i checked this on my setup
lib.login = COA_INT
lib.login {
10 < plugin.tx_felogin_pi1
10 {
storagePid = 111
preserveGETvars = all
wrapContentInBaseClass = 0
showForgotPasswordLink = 0
showPermaLogin = 0
#redirect
redirectMode = userLogin,groupLogin,login,logout
redirectFirstMethod = 1
redirectPageLogin = 129
redirectPageLogout = 113
}
}
129 is usergroup-protected page, lib.login is displayed on all pages.
If i log in, i got redirected to page 129, if i log out on this page, i'm redirected to page 113 - no problem.
Updated by Dennis Geldmacher over 16 years ago
Oh ... weird. I tested it once more. No chance! Everytime a 404.
I have really no idea why it does not work in my case.
Redirection after login is no problem. Redirection after logout does not work.
I tested the extension a little bit and in my instalation $this->redirectUrl is allways empty. Even in the login form where it should be substituted with the REDIRECT_URL Marker.
This behaviour really makes no sense to me.
Even this makes no change.
if ($this->logintype === 'logout') {
if (!$GLOBALS['TSFE']->fe_user->cookieId) {
$content .= '<p style="color:red; font-weight:bold;">' .$this->pi_getLL('cookie_warning', '', 1) . '</p>';
} else {
header('Location: http://www.example.com/redirect/');
exit;
}
}
Updated by Steffen Kamper about 16 years ago
I made a patch for this problem.
Now the ACTION-Url is used for logout redirect, so it works also with access restricted pages.