#43 Login on a page other than index.php causes 404 error
If you install the helpdesk in a location other than
the root of the web server, and you login on a page
other than the index.php page, for example if your
session expires, you will get a "404 Page not found" error.
This is caused by the "redirect" hidden variable in the
loginsidebar.inc (eg set to
"/helpdesk/issue.php?id=253") being turned into a
relative uri by the following code:
login.php:180-188
---
if ($redirect != '') {
$relative_uri = ltrim($redirect, '/');
} else if ($_SESSION['_usertype'] == 'Client') {
$relative_uri = 'myissues.php';
} else if ($_SESSION['_usertype'] == 'Root') {
$relative_uri = 'domains.php';
} else {
$relative_uri = 'unassignedissues.php';
}
---
This code assumes that the helpdesk is installed in the
root of the website, however our helpdesk is installed
in http://www/helpdesk/, so this code turns for example
"/helpdesk/issue.php?id=253" to
"helpdesk/issue.php?id=253", and hence into
"/helpdesk/helpdesk/issue.php?id=253" when it is
presented by the client, leading to the 404 error.
I would suggest changing the code like this:
login.php:180
---
if ($redirect != '') {
$relative_uri = ltrim($redirect, '/');
$basename =
ltrim(dirname($_SERVER['PHP_SELF']), '/');
if(strncmp($basename, $relative_uri,
strlen($basename)) == 0) {
$relative_uri = $relative_uri[strlen($basename)];
}
} else if ($_SESSION['_usertype'] == 'Client') {
$relative_uri = 'myissues.php';
} else if ($_SESSION['_usertype'] == 'Root') {
$relative_uri = 'domains.php';
} else {
$relative_uri = 'unassignedissues.php';
}
---
This does assume that login.php does not move from the
root of the helpdesk installation...
Logged In: NO
This doesn't work:
$relative_uri = $relative_uri[strlen($basename)];
it should be:
$relative_uri = substr($relative_uri, strlen($basename)+1);
(+1 needed to get rid of a double "/" in the generated uri)