View Issue Details
ID | Project | Category | View Status | Date Submitted | Last Update |
---|---|---|---|---|---|
0012754 | mantisbt | other | public | 2011-02-09 03:00 | 2011-03-04 07:36 |
Reporter | feg16 | Assigned To | |||
Priority | high | Severity | major | Reproducibility | always |
Status | new | Resolution | open | ||
Product Version | 1.2.0rc2 | ||||
Summary | 0012754: Incorrect redirect code | ||||
Description | $t_return_page = $_SERVER['SCRIPT_NAME']; is not valid code. Page location - http://isphp/xMantis | ||||
Tags | No tags attached. | ||||
This code in html_api.php on line 503. ps sorry my english :) |
|
Same problem in 1.2.4. If I click a bug link from mail (like http://server-test/mantis-test/view.php?id=114) with LDAP authentification and no anonymous view allowed and a user is not logged in (cached), I get an return URL with wrong redirect (like http://server-test/mantis-test/login_page.php?return=mantis-test%2Fview.php%3Fid%3D114) with gives after login wrong bug URL with twice the Mantis directory name (like http://server-test/mantis-test/mantis-test%2Fview.php%3Fid%3D114) and Error HTTP 404. The correct redirect should be without the Mantis root name (like http://server-test/mantis-test/login_page.php?return=view.php%3Fid%3D114) to get it work. |
|
The problem seems to be that $_SERVER['QUERY_STRING'] gives the Querystring-Path from document root to redirect url. Redirect URL is then called from mantis root, so the mantis root is twice. |
|
My problem is in access_api.php Line 88 - 90 |
|