Create a new method in MY_url.php "get_item_from_uri" which loads the item

based on the uri. Then use this helper method in logout.php to insure that the guest user has access to the "continue" uri. If they don't redirect to the root album and let it deal with access issues.
author: Tim Almdal <tnalmdal@shaw.ca> 2009-06-09 06:35:35 -0700
committer: Tim Almdal <tnalmdal@shaw.ca> 2009-06-09 06:35:35 -0700
commit: 1fc79046568a5fe0c75c520ae643d0c7279ad64b (patch)
tree: 010bbbb0e29adb020b9a12d16e85fe918d60d95c /modules/user/controllers
parent: a42c101c0b76edb403f2f9c646c27539b983394b (diff)
1 files changed, 6 insertions, 1 deletions
diff --git a/modules/user/controllers/logout.php b/modules/user/controllers/logout.php
index 6ceb7192..a541ed9b 100644
--- a/modules/user/controllers/logout.php
+++ b/modules/user/controllers/logout.php
@@ -26,7 +26,12 @@ class Logout_Controller extends Controller {
     log::info("user", t("User %name logged out", array("name" => $user->name)),
               html::anchor("user/$user->id", $user->name));
     if ($this->input->get("continue")) {
-      url::redirect($this->input->get("continue"));
+      $item = url::get_item_from_uri($this->input->get("continue"));
+      if (access::can("view", $item)) {
+        url::redirect($this->input->get("continue"));
+      } else {
+        url::redirect("");
+      }
     }
   }
 }
 \ No newline at end of file
author	Tim Almdal <tnalmdal@shaw.ca>	2009-06-09 06:35:35 -0700
committer	Tim Almdal <tnalmdal@shaw.ca>	2009-06-09 06:35:35 -0700
commit	1fc79046568a5fe0c75c520ae643d0c7279ad64b (patch)
tree	010bbbb0e29adb020b9a12d16e85fe918d60d95c /modules/user/controllers
parent	a42c101c0b76edb403f2f9c646c27539b983394b (diff)