Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
I configured login destination to use PHP snippets to determine the final url. The idea was that the user would log in and then a php snippet would check that user's information to determine where to send them. This worked fine in 6.x.2.5
Upon updating to 6.x.2.6 the order in which events happened changed critically. It now executes the Destination URL PHP snippet before the user is actually logged in, meaning my snippet no longer has access to any useful data.
I changed the snippet to be:
global $user;
die (print_r($user, TRUE));
And as you can see, the user is not logged in upon reaching this code block.
stdClass Object ( [uid] => 0 [hostname] => REDACTED [roles] => Array ( [1] => anonymous user ) [session] => [cache] => 0 )
Comments
Comment #1
jbiechele CreditAttribution: jbiechele commentedsubscribe
Comment #2
Jaypan CreditAttribution: Jaypan commentedI am seeing the same behavior. I downgraded to 2.5 for the time being.
Comment #3
3CWebDev CreditAttribution: 3CWebDev commentedSame issue. Downgrading and subscribing.
Comment #4
spuky CreditAttribution: spuky commentedSet to critical to make it easyer to spot... took me quite some time to find what was wrong...
Downgraded to 2.5
Comment #5
mikesir87 CreditAttribution: mikesir87 commentedHaving the same issue here... It actually broke the site because we're using Content Profile and Auto Assign Role during registration. With the PHP firing beforehand, the profiles aren't being saved. Downgraded and subscribing.
Comment #6
gownikarunakar CreditAttribution: gownikarunakar commentedAnyone has found any solution for this yet?
Comment #7
Sohodojo Jim CreditAttribution: Sohodojo Jim commentedSame here. Downgraded and subscribing.
Comment #8
3CWebDev CreditAttribution: 3CWebDev commentedOkay, I tracked down the cause of the bug. The latest version has a new form_alter hook on the user_login form that appears to be clashing with the hook_user hook. I can't tell the purpose of the new form_alter hook but it is also calling the routine that evaluates the PHP snippet and redirecting the user before the hook_user hook is doing it.
I found a work around that I think is allowed because of another bug. If you check the "Return user to where he/she came from. (Preserve destination" box in the "destination URL admin" section it will bypass the user_login hook, run the PHP evaluation and then redirect as it did in the previous release.
Please see comments in the culprit function from the 6.2.6 version below.
Comment #9
3CWebDev CreditAttribution: 3CWebDev commentedComment #10
3CWebDev CreditAttribution: 3CWebDev commentedThis has been fixed in the latest module. Please install and test. Please be aware the the redirect conditions are also working now and if you had conditions already entered they may not have been working on previous versions and will begin working on the new version. This could cause unexpected actions.
Comment #12
rsvelko CreditAttribution: rsvelko as a volunteer commentedI confirm that it works now. The php snippet has access to the username and roles etc...