search

arckinteractive / elgg_hybridauth

HybridAuth Client for Elgg
10 stars 9 forks source link

session 'last_forward_from' not taken into account, when logging in with hybridauth #27

Closed oseg closed 7 years ago

oseg commented 7 years ago

Context: elgg v2.3.3 + elgg_hybridauth v2.0.7

Scenario: 1- log in 2- Create a "logged in bookmark" content with access set to "logged in" 3- Copy this "logged in bookmark" page url 4- log out 5- Paste the "logged in bookmark" url in the browser -> "You must be logged in to view the requested page" message is displayed 6- logged in with hybridauth (facebook for instance) -> Your user profile page is displayed

Expected result: The "logged in bookmark" page should be displayed If you execute the same scenario, but in step 6, you log in with your elgg account, then the "logged in bookmark" page is displayed.

oseg commented 7 years ago

Suggested fix:

In views/default/resources/hybridauth/authenticate.php at line 58 replace $elgg_forward_url = get_input('elgg_forward_url', $_SESSION['last_forward_from']); by

$session_forward_url = null;
if (($session = elgg_get_session()) && $session->has('last_forward_from')) {
    $session_forward_url = $session->get('last_forward_from');
}
$elgg_forward_url = get_input('elgg_forward_url', $session_forward_url);
oseg commented 7 years ago

fixed by a8cd2fd00ca78c4b32fa048082c773a3a816ccda