Opened 12 years ago
Last modified 12 years ago
#4809 new defect (bug)
broken logic in bp_core_wpsignup_redirect causes redirect loop to register page
Reported by: |
|
Owned by: | |
---|---|---|---|
Milestone: | Awaiting Contributions | Priority: | normal |
Severity: | major | Version: | 1.6.2 |
Component: | Members | Keywords: | needs-testing |
Cc: |
Description
A broken logic in bp_core_wpsignup_redirect()
function causes buddypress 1.6.4 to loop endlessly on every page other than /
.
I think it is supposed to trigger a redirect to bp_get_signup_page()
when:
(
$_SERVER['SCRIPT_NAME']
containswp-signup.php
or/and (I don't know which)
$_GET['action']
is equal toregister
)
and
register.php
or registration/register.php
template exists.
But instead it triggers a redirect when $_SERVER['SCRIPT_NAME']
is empty!
I'm attaching a proposed patch, but I'm assuming that a redirect should be performed only when $_SERVER['SCRIPT_NAME']
contains wp-signup.php
and also $_GET['action']
is equal to register
.
There are several people on support forums which have problems with endless loop to register page.
Attachments (1)
Change History (11)
#1
follow-up:
↓ 3
@
12 years ago
- Keywords has-patch needs-testing reporter-feedback added
I don't see any specific harm in this patch, though I'm a bit perplexed why $_SERVER['SCRIPT_NAME']
would be empty. A bit of googling:
- are you running IIS? http://wordpress.org/support/topic/undefined-index-script_name?replies=3
- an old version of Apache? https://bugs.php.net/bug.php?id=38141 https://issues.apache.org/bugzilla/show_bug.cgi?id=40102
- fastcgi? https://drupal.org/node/293265
Just want to understand the issue a little better before committing this fix.
#2
@
12 years ago
I've replaced proposed patch, as after some tests I'm now convinced that the logic should be:
Redirect is performed if: ( $_SERVER['SCRIPT_NAME'] contains 'wp-signup.php' or $_GET['action'] is equal to 'register' ) and ( 'register.php' or 'registration/register.php' template exists )
#3
in reply to:
↑ 1
@
12 years ago
Replying to boonebgorges:
I don't see any specific harm in this patch, though I'm a bit perplexed why
$_SERVER['SCRIPT_NAME']
would be empty.
I think it's a fairly common configuration:
- CentOS 5 64bit server;
- Distibution provided httpd with also distribution provided mod_php 5.3 but behind a reverse proxy;
- Pretty Permalinks rewrites in httpd.conf, not in .htaccess:
RewriteCond /var/www/site/wordpress%{REQUEST_FILENAME} !-f RewriteCond /var/www/site/wordpress%{REQUEST_FILENAME} !-d RewriteRule ^/(([a-z0-9_-]*/)*) /index.php/$1 [nocase,last,nosubreq]
#4
@
12 years ago
- Milestone changed from Awaiting Review to 1.7
Cool, thanks for the additional info. Based on the links I gave above, I'm guessing it's the last bit that's at the root of this (putting mod_rewrite directives in your vhost config rather than .htaccess). I'll try to reproduce.
Proposed patch.