Anonymous | Login | 2024-12-22 05:20 MST |
Main | My View | View Issues | Change Log | Roadmap | Repositories |
View Issue Details [ Jump to Notes ] | [ Issue History ] [ Print ] | ||||||||
ID | Project | Category | View Status | Date Submitted | Last Update | ||||
0002209 | ClearOS | app-base - Base System | public | 2015-02-20 07:15 | 2015-08-13 08:29 | ||||
Reporter | dloper | ||||||||
Assigned To | |||||||||
Priority | low | Severity | trivial | Reproducibility | always | ||||
Status | closed | Resolution | fixed | ||||||
Platform | OS | OS Version | |||||||
Product Version | 6.6.0 | ||||||||
Target Version | 6.7.0 Beta 1 | Fixed in Version | |||||||
Summary | 0002209: Improper redirect in app-base session.php | ||||||||
Description | Non-root admins are redirected to an improper 'you cannot view this page' due to an invalid redirect. | ||||||||
Steps To Reproduce | file is contained in app-base | ||||||||
Additional Information | --- /usr/clearos/apps/base/controllers/session.php 2015-02-03 10:09:04.000000000 -0500 +++ /root/support/.common/normal/usr/clearos/apps/base/controllers/session.php 2014-09-05 13:07:10.226334795 -0400 @@ -236,7 +236,7 @@ $username = $this->input->post('clearos_username'); $valid_pages = $this->access_control->get_valid_pages($username); if (preg_match('/^\/base\//', $post_redirect) - && (in_array('dashboard', $valid_pages) || ($username === 'root')) + && (in_array('/app/dashboard', $valid_pages) || ($username === 'root')) && clearos_app_installed('dashboard') ) { redirect('/dashboard'); | ||||||||
Tags | No tags attached. | ||||||||
Attached Files | |||||||||
Notes | |
(0001377) user2 2015-02-24 13:55 |
This was resolved in ClearOS 7, but it should be backported. |
Issue History | |||
Date Modified | Username | Field | Change |
2015-02-20 07:15 | dloper | New Issue | |
2015-02-23 20:12 | user2 | Status | new => confirmed |
2015-02-24 13:55 | user2 | Note Added: 0001377 | |
2015-05-20 18:24 | user2 | Target Version | 6.6.0 Updates => 6.7.0 Beta 1 |
2015-08-10 17:27 | user2 | Category | app-dashboard - Dashboard => app-base - Base System |
2015-08-12 14:17 | user2 | Status | confirmed => resolved |
2015-08-12 14:17 | user2 | Resolution | open => fixed |
2015-08-12 14:17 | user2 | Assigned To | => user2 |
2015-08-13 08:29 | user2 | Status | resolved => closed |
2015-08-13 08:29 | user2 | Assigned To | user2 => |