bp_core_catch_no_access() redirects to root and doesn't pass referer for login redirect
|Reported by:||ethitter||Owned by:|
If a user isn't logged in and tries to access a restricted section of BuddyPress, bp_core_catch_uri redirects to the root domain without passing the referer for redirection after login. A perfect example of this is in the "friend request" notification email; included is a link to review the requests, but one must be logged in for the link to be of any use.
The problem lies in the function's check for the existance of an appropriate template file, which relies on $bp_path. This variable isn't defined if the user isn't logged in, so the template file check automatically fails. As a result, the user is redirect to the root domain without any explanation.
The easiest solution would be to check if the user is logged in, and if not, redirect to wp-login.php, passing the requested uri as the redirect_to parameter. Post-login, bp_core_catch_uri would handle the template redirection as it does now.
Change History (15)
- Keywords needs-patch added; redirect login template_redirect removed
- Milestone changed from 1.3 to 1.4
- Priority changed from normal to major
- Summary changed from bp_core_catch_uri redirects to root and doesn't pass referer for login redirect to bp_core_catch_no_access() redirects to root and doesn't pass referer for login redirect
- Version set to 1.2.8
- Keywords needs-patch dev-feedback removed
- Milestone changed from Awaiting Review to 1.3