From 865123ffda92eeaba487f4e45342e1d8ef18fa6f Mon Sep 17 00:00:00 2001 From: David Ward Date: Sun, 7 Mar 2010 10:00:15 -0700 Subject: [PATCH 1/2] [bug/58755] Fix a redirection bug that can occur after login This issue affects any forum (i.e. https://myforum/phpBB3/) where: - the forum is located in a directory underneath the web root (i.e., NOT https://myforum/) - a user accesses the forum with a URI pointing to a directory rather than a script (i.e., NOT https://myforum/phpBB3/index.php) - the URI used ends in a slash (i.e., NOT https://myforum/phpBB3) If these conditions are met, after successful login the user is redirected to an invalid URI (i.e., https://myforum/phpBB3/phpBB3?sid=). This change fixes extract_current_page() to handle the case correctly where the URI ends in a slash and is not the web root. So after successful login, the redirection back to the main page will work (i.e., https://myforum/phpBB3/?sid=) --- phpBB/includes/session.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/phpBB/includes/session.php b/phpBB/includes/session.php index 11f1896332..1a302d5991 100644 --- a/phpBB/includes/session.php +++ b/phpBB/includes/session.php @@ -83,7 +83,7 @@ class session $query_string = trim(implode('&', $use_args)); // basenamed page name (for example: index.php) - $page_name = basename($script_name); + $page_name = (substr($script_name, -1, 1) == '/') ? '' : basename($script_name); $page_name = urlencode(htmlspecialchars($page_name)); // current directory within the phpBB root (for example: adm) From c52a7e9a083d1bbd68f515bfdec2dbe1ebdef954 Mon Sep 17 00:00:00 2001 From: Nils Adermann Date: Sun, 7 Mar 2010 21:54:56 +0100 Subject: [PATCH 2/2] Adding the bugfix for #58755 to the changelog. --- phpBB/docs/CHANGELOG.html | 1 + 1 file changed, 1 insertion(+) diff --git a/phpBB/docs/CHANGELOG.html b/phpBB/docs/CHANGELOG.html index e54c4fd9bb..213e8fd9e0 100644 --- a/phpBB/docs/CHANGELOG.html +++ b/phpBB/docs/CHANGELOG.html @@ -101,6 +101,7 @@
  • [Fix] Minor language fixes. (Bug #54855)
  • [Fix] Parsing urls in signatures properly uses config settings. (Bug #57105)
  • [Fix] Allow multibyte keys in request_var(). (Bug #51555)
    • +
  • [Fix] Correct redirection after login to forum not in web root (Bug #58755)
  • [Feature] Support for Microsoft's Native SQL Server Driver for PHP (Bug #57055 - Patch by Chris Pucci at Microsoft)