0002209: Improper redirect in app-base session.php

ClearFoundation Tracker - ClearOS
View Issue Details

ID	Project	Category	View Status	Date Submitted	Last Update
0002209	ClearOS	app-base - Base System	public	2015-02-20 07:15	2015-08-13 08:29

Reporter	dloper
Assigned To
Priority	low	Severity	trivial	Reproducibility	always
Status	closed	Resolution	fixed
Platform		OS		OS Version
Product Version	6.6.0
Target Version	6.7.0 Beta 1	Fixed in Version

Summary	0002209: Improper redirect in app-base session.php
Description	Non-root admins are redirected to an improper 'you cannot view this page' due to an invalid redirect.
Steps To Reproduce	file is contained in app-base
Additional Information	--- /usr/clearos/apps/base/controllers/session.php 2015-02-03 10:09:04.000000000 -0500 +++ /root/support/.common/normal/usr/clearos/apps/base/controllers/session.php 2014-09-05 13:07:10.226334795 -0400 @@ -236,7 +236,7 @@ $username = $this->input->post('clearos_username'); $valid_pages = $this->access_control->get_valid_pages($username); if (preg_match('/^\/base\//', $post_redirect) - && (in_array('dashboard', $valid_pages) \|\| ($username === 'root')) + && (in_array('/app/dashboard', $valid_pages) \|\| ($username === 'root')) && clearos_app_installed('dashboard') ) { redirect('/dashboard');
Tags	No tags attached.
Relationships
Attached Files

Issue History
Date Modified	Username	Field	Change
2015-02-20 07:15	dloper	New Issue
2015-02-23 20:12	user2	Status	new => confirmed
2015-02-24 13:55	user2	Note Added: 0001377
2015-05-20 18:24	user2	Target Version	6.6.0 Updates => 6.7.0 Beta 1
2015-08-10 17:27	user2	Category	app-dashboard - Dashboard => app-base - Base System
2015-08-12 14:17	user2	Status	confirmed => resolved
2015-08-12 14:17	user2	Resolution	open => fixed
2015-08-12 14:17	user2	Assigned To	=> user2
2015-08-13 08:29	user2	Status	resolved => closed
2015-08-13 08:29	user2	Assigned To	user2 =>

Notes