fix for 0005655: Problems creating a new account (similar to #5653)

fix for 0005949: signing up is a bit too restrictive - don't increment last visit on account_update.php in case there is an error Now going "back" will work - move page name check to utility_api.php git-svn-id: http://mantisbt.svn.sourceforge.net/svnroot/mantisbt/trunk@3699 f5dc347c-c33d-0410-90a0-b07cc1902cb9
mantisbt · Jul 17, 2005 · 23c4674 · 23c4674
1 parent b1b9b34
commit 23c4674
Show file tree

Hide file tree

Showing 4 changed files with 17 additions and 10 deletions.
diff --git a/account_page.php b/account_page.php
@@ -6,7 +6,7 @@
 	# See the README and LICENSE files for details
 
 	# --------------------------------------------------------
-	# $Id: account_page.php,v 1.50 2005-07-11 19:08:14 thraxisp Exp $
+	# $Id: account_page.php,v 1.51 2005-07-17 21:56:21 thraxisp Exp $
 	# --------------------------------------------------------
 
 	# CALLERS
@@ -60,7 +60,7 @@
 
 	# note if we are being included by a script of a different name, if so,
 	#  this is a mandatory password change request
-	$t_force_pw_reset = ( isset( $_SERVER['PHP_SELF'] ) && ( 0 < strpos( $_SERVER['PHP_SELF'], 'verify.php' ) ) );
+	$t_force_pw_reset = is_page_name( 'verify.php' );
 
 	html_page_top1( lang_get( 'account_link' ) );
 	html_page_top2();

diff --git a/core.php b/core.php
@@ -6,7 +6,7 @@
 	# See the README and LICENSE files for details
 
 	# --------------------------------------------------------
-	# $Id: core.php,v 1.45 2005-07-14 21:38:00 thraxisp Exp $
+	# $Id: core.php,v 1.46 2005-07-17 21:56:21 thraxisp Exp $
 	# --------------------------------------------------------
 
 	###########################################################################
@@ -46,7 +46,7 @@
 		require_once( dirname( __FILE__ ).DIRECTORY_SEPARATOR.'config_inc.php' );
 	} else {
 		# if not found, redirect to the admin page to install the system
-		if ( ! stristr ( $_SERVER['PHP_SELF'], 'admin' ) ) {
+		if ( ! is_page_name( 'admin' ) ) {
 			if ( OFF == $g_use_iis ) {
 				header( 'Status: 302' );
 			}

diff --git a/core/html_api.php b/core/html_api.php
@@ -6,7 +6,7 @@
 	# See the README and LICENSE files for details
 
 	# --------------------------------------------------------
-	# $Id: html_api.php,v 1.175 2005-07-17 13:20:59 vboctor Exp $
+	# $Id: html_api.php,v 1.176 2005-07-17 21:56:21 thraxisp Exp $
 	# --------------------------------------------------------
 
 	###########################################################################
@@ -271,7 +271,7 @@ function html_top_banner() {
 		if ( !is_blank( $t_page ) && file_exists( $t_page ) && !is_dir( $t_page ) ) {
 			include( $t_page );
 		} else {
-			if ( strstr( $_SERVER['PHP_SELF'], 'login_page' ) !== false ) {
+			if ( ! is_page_name( 'login_page' ) ) {
 				$t_align = 'center';
 			} else {
 				$t_align = 'left';
@@ -355,9 +355,9 @@ function html_footer( $p_file ) {
 		# We do this at the end of the page so that:
 		#  1) we can display the user's last visit time on a page before updating it
 		#  2) we don't invalidate the user cache immediately after fetching it
-		#  3) don't do this on the password verification page, as it causes the
+		#  3) don't do this on the password verification or update page, as it causes the
 		#    verification comparison to fail
-		if ( auth_is_user_authenticated() && !( isset( $_SERVER['PHP_SELF'] ) && ( 0 < strpos( $_SERVER['PHP_SELF'], 'verify.php' ) ) ) ) {
+		if ( auth_is_user_authenticated() && !( is_page_name( 'verify.php' ) || is_page_name( 'account_update.php' ) ) ) {
 			$t_user_id = auth_get_current_user_id();
 			user_update_last_visit( $t_user_id );
 		}
@@ -373,7 +373,7 @@ function html_footer( $p_file ) {
 		echo "\t", '<address>Copyright &copy; 2000 - 2005 Mantis Group</address>', "\n";
 
 		# only display webmaster email is current user is not the anonymous user
-		if ( isset( $_SERVER['PHP_SELF'] ) && ( false === strstr( "login_page.php", $_SERVER['PHP_SELF'] ) ) && !current_user_is_anonymous() ) {
+		if ( ! is_page_name( 'login_page.php' ) && !current_user_is_anonymous() ) {
 			echo "\t", '<address><a href="mailto:', config_get( 'webmaster_email' ), '">', config_get( 'webmaster_email' ), '</a></address>', "\n";
 		}
 

diff --git a/core/utility_api.php b/core/utility_api.php
@@ -6,7 +6,7 @@
 	# See the README and LICENSE files for details
 
 	# --------------------------------------------------------
-	# $Id: utility_api.php,v 1.19 2005-04-15 22:05:17 thraxisp Exp $
+	# $Id: utility_api.php,v 1.20 2005-07-17 21:56:21 thraxisp Exp $
 	# --------------------------------------------------------
 
 	### Utility API ###
@@ -210,4 +210,11 @@ function get_gd_version()
 	   	}
 	  }
 	}
+
+	# ---------------------
+	# return true or false if string matches current page name
+	function is_page_name( $p_string ) {
+	   return isset( $_SERVER['PHP_SELF'] ) && ( 0 < strpos( $_SERVER['PHP_SELF'], $p_string ) );
+	}
+
 ?>