Create a new method in MY_url.php "get_item_from_uri" which loads the item

based on the uri. Then use this helper method in logout.php to insure that the guest user has access to the "continue" uri. If they don't redirect to the root album and let it deal with access issues. Signed-off-by: Tim Almdal <tnalmdal@shaw.ca>
author: Tim Almdal <tnalmdal@shaw.ca> 2009-06-09 21:35:35 +0800
committer: Tim Almdal <tnalmdal@shaw.ca> 2009-06-09 21:45:43 +0800
commit: f0ea6d532cbbfd5a95e5b992bc62bb7ecb2c1c3b (patch)
tree: 010bbbb0e29adb020b9a12d16e85fe918d60d95c /modules/user/controllers
parent: a42c101c0b76edb403f2f9c646c27539b983394b (diff)
1 files changed, 6 insertions, 1 deletions
diff --git a/modules/user/controllers/logout.php b/modules/user/controllers/logout.php
index 6ceb7192..a541ed9b 100644
--- a/modules/user/controllers/logout.php
+++ b/modules/user/controllers/logout.php
@@ -26,7 +26,12 @@ class Logout_Controller extends Controller {
     log::info("user", t("User %name logged out", array("name" => $user->name)),
               html::anchor("user/$user->id", $user->name));
     if ($this->input->get("continue")) {
-      url::redirect($this->input->get("continue"));
+      $item = url::get_item_from_uri($this->input->get("continue"));
+      if (access::can("view", $item)) {
+        url::redirect($this->input->get("continue"));
+      } else {
+        url::redirect("");
+      }
     }
   }
 }
 \ No newline at end of file
author	Tim Almdal <tnalmdal@shaw.ca>	2009-06-09 21:35:35 +0800
committer	Tim Almdal <tnalmdal@shaw.ca>	2009-06-09 21:45:43 +0800
commit	f0ea6d532cbbfd5a95e5b992bc62bb7ecb2c1c3b (patch)
tree	010bbbb0e29adb020b9a12d16e85fe918d60d95c /modules/user/controllers
parent	a42c101c0b76edb403f2f9c646c27539b983394b (diff)