Jump to:
| Project: | Login Destination |
| Version: | 6.x-2.3 |
| Component: | Code |
| Category: | bug report |
| Priority: | normal |
| Assigned: | Unassigned |
| Status: | closed (fixed) |
| Issue tags: | ToDo |
Issue Summary
Situation:
login_destination is configured to redirect all logins to $url. User X uses Drupal's "get new password" feature to obtain a one-time login link via email, for resetting his password. User clicks that link, is directed to the "Reset password" page, and clicks the "Log in" button on that page. What happens next?
Expected:
User should be directed to /user/$userid/edit to be prompted immediately to reset password.
Actual behavior:
User is redirected to $url by login_destination.
Workaround:
Under /admin/user/login_destination, in the fieldset "Redirect condition settings," set the radio-button option to "PHP snippet", and enter this PHP code in the "Redirect condition" textarea:
if (arg(0) == 'user' && arg(1) == 'reset') {
return false;
} else {
return true;
}This works by checking for the path of the user-password-reset feature, and, if found, tells login_destination not to redirect the user.
Suggested fix:
Incorporate similar -- probably more elegant -- logic into login_destination.module, rather than requiring system admins to reverse engineer this Drupal core feature.
BTW, thanks to rsvelko for a great and useful module.
Comments
#1
Forgot to mention: this problem occurs even with the "Preserve destination" setting turned on.
#2
ok this one is important. todo-ing it.
#3
fixed in 2.6 - try it when it is out today.
I tested it once and it works.
#4
Automatically closed -- issue fixed for 2 weeks with no activity.