Fixed issue #6605: Saving global settings returns to invalid referer URL

LimeSurvey · Nov 7, 2012 · ca9a53f · ca9a53f
1 parent f9ad359
commit ca9a53f
Showing 1 changed file with 5 additions and 0 deletions.
diff --git a/application/controllers/admin/globalsettings.php b/application/controllers/admin/globalsettings.php
@@ -65,6 +65,11 @@ private function _displaySettings()
 
         //save refurl from where global settings screen is called!
         $refurl = Yii::app()->getRequest()->getUrlReferrer();
+
+        // Some URLs are not to be allowed to refered back to.
+        // These exceptions can be added to the $aReplacements array
+        $aReplacements=array('admin/user/adduser'=>'admin/user/index');
+        $refurl= str_replace(array_keys($aReplacements),array_values($aReplacements),$refurl);
         Yii::app()->session['refurl'] = htmlspecialchars($refurl); //just to be safe!
 
         $data['clang'] = $this->getController()->lang;