joshtronic/pickles
1
0
Fork 0
Code Issues 8 Pull requests Projects Releases Packages Wiki Activity Actions

Added sanity check to _REQUEST['request'] when redirecting to the login page. Alleviates an issue when securing the default module.

Browse source
This commit is contained in:
Josh Sherman 2011-05-14 21:38:06 -04:00
parent 2ea8e1957d
commit 5d63e032f5
1 changed files with 1 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

2
classes/Controller.php
View file

@ -246,7 +246,7 @@ class Controller extends Object
else
{
// Sets variable for the destination
$_SESSION['__pickles']['login']['destination'] = $_REQUEST['request'];
$_SESSION['__pickles']['login']['destination'] = isset($_REQUEST['request']) ? $_REQUEST['request'] : '/';
// Redirect to login page, potentially configured in the config, else /login
header('Location: /' . (isset($this->config->security['login']) ? $this->config->security['login'] : 'login'));