Bug #37612
closed
felogin redirects to password reset after login
Added by Markus Klein almost 12 years ago.
Updated over 5 years ago.
Description
felogin redirects to password reset confirmation page after successful because "redirect to referer" is set in the plugin.
Fix this by skipping the referer input field when the url contains "tx_felogin_pi[forgotHash]".
Unfortunately this fix only works when the parameter is not beautified via URL rewriters like realurl.
Files
Possible fix is:
class.tx_felogin_pi.php:
// check for referer redirect method. if present, save referer in form field
if (t3lib_div::inList($this->conf['redirectMode'], 'referer') || t3lib_div::inList($this->conf['redirectMode'], 'refererDomains')) {
$referer = $this->referer ? $this->referer : t3lib_div::getIndpEnv('HTTP_REFERER');
if ($referer && strpos($referer, 'tx_felogin_pi1[forgotHash]') !== FALSE) {
$extraHiddenAr[] = '<input type="hidden" name="referer" value="' . htmlspecialchars($referer) . '" />';
}
}
by extending the condition in line 4.
- Status changed from New to Needs Feedback
- Assignee set to Jigal van Hemert
- Complexity changed from nightmare to easy
I think this is a duplicate of #21943 , which was only applied to 6.0 and 4.7; unfortunately I haven't backported them to 4.6 and 4.5.
Markus, you reviewed the patch on 6.0 :-) Could you take care of the backports?
Damn it. I knew we had something like that already, but I didn't find it on forge as I searched only for open tickets, as I thought all the changes were already backported.
I'll of course do the backports right now.
Thanks Jigal!
- Status changed from Needs Feedback to Resolved
- Status changed from Resolved to Closed
Also available in: Atom
PDF
Updated by 
Updated by 
Updated by