Mambo 4.6.3 and Login Redirection

Started by SlammedDime, January 04, 2008, 01:55:43 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions

SlammedDime

January 04, 2008, 01:55:43 PM
I ran into this issue after upgrading to 4.6.3 and narrowed it down to MOStlyce editor.  Regardless of the redirection option for login in the SMF Login Module, you will always be redirected to SMF.  In /mambots/editors/mostlyce.php, lines 28-32 (below) were added in mambo 4.6.3. 

Code Select
/* The editor needs a session.  On the backend a session_start() within the mambot is not needed as on exists.
However, on the frontend it is. */
if (!isset($adminside) || empty($adminside) || $adminside===0) {
session_start();
}


The best I can figure, is because of the redirection during login from action=login2 to action=login2;sa=check, the session_start is called, thus wiping away the $_SESSION['login_url'] value (along with everything else) so redirection never happens as you want, always to SMF because of the SMF code.

If this isn't reproducible by anyone else, perhaps I need to readjust my php.ini file in some way, but when I comment out the lines above in that file, redirection happens as it should.

Thoughts?
SlammedDime
Former Lead Customizer
BitBucket Projects
GeekStorage.com Hosting		                      My Mods
SimpleSEF
Ajax Quick Reply
Sitemap
more...		                     

SleePy

#1
January 04, 2008, 02:13:00 PM
This also may be a problem with SMF
http://www.simplemachines.org/community/index.php?topic=210667

Since Login2 doesn't hold the login_url if the bridge is using that to redirect.
Jeremy D ~ Site Team / SMF Developer ~ GitHub Profile ~ Join us on IRC @ Libera.chat/#smf ~ Support the SMF Support team!

Orstio

#2
January 04, 2008, 03:24:12 PM
How about this?

Code Select
/* The editor needs a session.  On the backend a session_start() within the mambot is not needed as on exists.
However, on the frontend it is. */
if (!isset($adminside) || empty($adminside) || $adminside===0 || !isset($_SESSION['login_url'])) {
session_start();
}

SlammedDime

#3
January 04, 2008, 03:33:14 PM Last Edit: January 04, 2008, 03:45:37 PM by SlammedDime
Orstio: The session variable does not exist at that point in execution, so you can't check to see if it contains a variable/value... :/  (Quite peculiar)

I'm curious though why this code was added as the editor seemed to work fine in 4.6.2, unless it was due to the Image Manager security checks they added further down the file.
SlammedDime
Former Lead Customizer
BitBucket Projects
GeekStorage.com Hosting		                      My Mods
SimpleSEF
Ajax Quick Reply
Sitemap
more...		                     

Orstio

#4
January 04, 2008, 04:58:12 PM
Oh, I see.  It's then starting the session with the Mambo session handler, while $_SESSION['login_url'] would be stored in the SMF session.

I'll see what i can do there.
Print
Go Up Pages1
User actions
Advertisement: