Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-63748

Account confirmation page is ignoring the redirect parameter

XMLWordPrintable

    • MOODLE_34_STABLE, MOODLE_35_STABLE, MOODLE_36_STABLE
    • MOODLE_34_STABLE, MOODLE_35_STABLE
    • MDL-63748-master
    • Hide
      1. Log-in as admin in your local site
      2. Go to Site administration > Plugins >Authentication > Manage authentication and Enable the "E-mail based self-registration" plugin, in the same page scroll down to "Self registration " to set there "E-mail based self-registration"
      3. Now, log-out and open again your Moodle site in the browser and via the login page "Create new account" button create a new user account using a correct email address you have access to
      4. You should receive a new account confirmation email with a confirmation URL that has the following format:
      5. http://localhost/m/stable_master/login/confirm.php?data=XXXXXXXXX/username
      6. Do not click on that URL, just copy it
      7. Append to that URL the following: &redirect=http://localhost/m/stable_master/calendar/view.php?view=month (replacing http://localhost/m/stable_master with your local site URL)
      8. Open that URL in a browser and check that you are redirected to the site "Calendar page" authenticated as the new user you just created
      9. Now, repeat the complete process (starting in point 3, using a different email account) but instead appending the URL indicating in step 7, use for example: https://www.google.com and check that you are not redirected to the external URL (google in this case)
      Show
      Log-in as admin in your local site Go to Site administration > Plugins >Authentication > Manage authentication and Enable the "E-mail based self-registration" plugin, in the same page scroll down to "Self registration " to set there "E-mail based self-registration" Now, log-out and open again your Moodle site in the browser and via the login page "Create new account" button create a new user account using a correct email address you have access to You should receive a new account confirmation email with a confirmation URL that has the following format: http://localhost/m/stable_master/login/confirm.php?data=XXXXXXXXX/username Do not click on that URL, just copy it Append to that URL the following: &redirect= http://localhost/m/stable_master/calendar/view.php?view=month (replacing http://localhost/m/stable_master with your local site URL) Open that URL in a browser and check that you are redirected to the site "Calendar page" authenticated as the new user you just created Now, repeat the complete process (starting in point 3, using a different email account) but instead appending the URL indicating in step 7, use for example: https://www.google.com and check that you are not redirected to the external URL (google in this case)

      MDL-51827 Introduced a regressiĆ³n, see this commit:
      https://github.com/moodle/moodle/commit/e95fe51e72c63848f34ef99e3ee3c7ee0eac6cac

      We have to make the $redirect parameter to work again when we want allow external systems to process user confirmation (like the app via WS)

            jleyva Juan Leyva
            jleyva Juan Leyva
            Albert Gasset Albert Gasset
            Eloy Lafuente (stronk7) Eloy Lafuente (stronk7)
            Anna Carissa Sadia Anna Carissa Sadia
            Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

              Created:
              Updated:
              Resolved:

                Estimated:
                Original Estimate - Not Specified
                Not Specified
                Remaining:
                Remaining Estimate - 0 minutes
                0m
                Logged:
                Time Spent - 1 hour, 30 minutes
                1h 30m

                  Error rendering 'clockify-timesheets-time-tracking-reports:timer-sidebar'. Please contact your Jira administrators.