From 6b8a52d3287a8ead8be26070b354e672e9e1c0fd Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Mon, 4 Jan 2010 21:37:51 -0800 Subject: Fix the logout link to send you back to the current url. The old approach depended on having an $item, which is not the case on all pages (eg: tag pages). Also, check the CSRF in the logout controller, else you can use the logout link as a blind forwarder. --- modules/gallery/controllers/logout.php | 1 + modules/gallery/helpers/gallery_event.php | 10 +++++----- 2 files changed, 6 insertions(+), 5 deletions(-) (limited to 'modules') diff --git a/modules/gallery/controllers/logout.php b/modules/gallery/controllers/logout.php index fe9c48ba..bfcf0f9e 100644 --- a/modules/gallery/controllers/logout.php +++ b/modules/gallery/controllers/logout.php @@ -19,6 +19,7 @@ */ class Logout_Controller extends Controller { public function index() { + access::verify_csrf(); auth::logout(); if ($continue_url = Input::instance()->get("continue")) { $item = url::get_item_from_uri($continue_url); diff --git a/modules/gallery/helpers/gallery_event.php b/modules/gallery/helpers/gallery_event.php index 5565850d..679d65c2 100644 --- a/modules/gallery/helpers/gallery_event.php +++ b/modules/gallery/helpers/gallery_event.php @@ -117,11 +117,11 @@ class gallery_event_Core { ->url(url::site("form/edit/users/{$user->id}")) ->label($user->display_name())); $menu->append(Menu::factory("link") - ->id("user_menu_logout") - ->css_id("g-logout-link") - ->url(url::site("logout?csrf=$csrf&continue=" . - urlencode($item->url()))) - ->label(t("Logout"))); + ->id("user_menu_logout") + ->css_id("g-logout-link") + ->url(url::site("logout?csrf=$csrf&continue=" . + urlencode(url::abs_current()))) + ->label(t("Logout"))); } } } -- cgit v1.2.3