Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
I think drupal_get_destination() should keep track of the origionally set destination. With this patch drupal_get_destination() will return the current destination instead of the current page if it exists.
Comment | File | Size | Author |
---|---|---|---|
#18 | common.inc_6_0.diff | 878 bytes | Wesley Tanaka |
#5 | destination.patch | 3.6 KB | drumm |
#2 | common.inc_5.diff | 1.47 KB | drumm |
common.inc_4.diff | 1.44 KB | drumm | |
Comments
Comment #1
drummsetting status to patch
Comment #2
drummMore clear help text. Hopefully the patch is more self-explanatory now.
Comment #3
Kobus CreditAttribution: Kobus commentedNot sure if I understand this correctly, but from my scan of the code it seems like it. If I do understand correctly:
1. User clicks on an e-mail or web link to an article on a page.
2. Authentication is required.
3. User gets redirected to log in.
4. User logs in.
5. User gets redirected to the original article they requested.
If that is what this patch enables me to do, I am +20 for it :)
Regards,
Kobus
Comment #4
drummI am updating this patch so that this API feature is used by the node module.
Comment #5
drummThis patch includes going back to the right place when deleting nodes.
Comment #6
drummWrong status.
Comment #7
chx CreditAttribution: chx commentedvery nice idea.
Comment #8
jjeff CreditAttribution: jjeff commentedI've been using a hack to get this functionality on my current site. It should DEFINITELY be part of the core. If anyone wants to build a theme that doesn't have a login box on every page, this is absolutely necessary.
++1
Comment #9
drummJust to be clear, this does not affect the login process.
Comment #10
jjeff CreditAttribution: jjeff commentedWell it does not affect the default Drupal login process, but if a theme wants to put a login link on its pages rather than the Drupal-esque login form-on-every-page, then the appropriate way would be to use:
The idea being that users would get sent to http://www.example.com/user/login?destination=the_node_they_came_from
However, because the destination does not persist, they don't get sent back to the node they came from. Instead they get sent to their user page.
Unless I'm reading it wrong, this patch fixes drupal_get_destination() so that everything works as it should and the user ends up logged in and back at the original node.
-Jeff
Comment #11
gordon CreditAttribution: gordon commentedNot to blow my own trumpet... well actually I am.
Kobus: The patch that you are looking for the one that I did a month or so ago. Basically if you get a 403 and you are not logged in you will get a login page and then once you have loged it will redirect you back to the page that you we denied access to. This patch is more of an API level change where you are going to need to do some coding before you can make use of it.
I have not yet been able to convince Dries that you cannot do this in Drupal. He has been a little busy laterly so I have not bugged him.
As for this patch. +1 I like it. The idea of not having a login page on a theme, but still come back to the current page is great.
Comment #12
gordon CreditAttribution: gordon commentedopps forgot the url.
http://drupal.org/node/24050
Comment #13
matt westgate CreditAttribution: matt westgate commentedI tested this patch and it works as expected. By tacking on a destination parameter to the URI I was able to control for example, where the login form takes a user after successful authentication. This is especially helpful for the ecommerce package to redirect users back to the checkout process after logon.
I did some basic security checks to make sure a user couldn't redirect to an absolute URL or traverse web directories, but I still ponder the implications are of allowing anyone to control the destination after a form submit on my site.
That could just be the control freak in me coming out in full swing.
Comment #14
DriesK CreditAttribution: DriesK commentedIn Simplenews module, I implemented a small hack to cope with redirection when deleting a newsletter. I applied destination.patch, removed the hack from simplenews.module and tested it: it works like a charm.
+1 for me.
Comment #15
Dries CreditAttribution: Dries commentedCommitted to HEAD. Thanks.
Comment #16
(not verified) CreditAttribution: commentedComment #17
drummComment #18
Wesley Tanaka CreditAttribution: Wesley Tanaka commentedsmaller version of original patch which can be applied to 4.6.3
Comment #19
magico CreditAttribution: magico commentedThis never got applied to 4.6.
Anyway, I confirm that it applies and it works. It should stay here, because this really fixes a bug with the drupal_get_destination()
Comment #20
Gurpartap Singh CreditAttribution: Gurpartap Singh commentedThis is already in core.