The patch that was introduced in the drupal 6.15 core to fix this problem, was not sufficient. It effectively fixed the search BLOCK on a 404 page, but did not fix the problem when using:

<?php
print $search_box;
?>

in your template files.

The issue was fixed by removing some very strange lines in the /includes/common.inc, introduced by the previous patch... The lines are truly weird (and maybe were not ment to go into the patch?) since the added lines in the search.module sort of 'counter these'...

Tested and confirmed to be working:
- search on 404 for BLOCK
- search on 404 for $search_box
- login on 403

Patch attached...

CommentFileSizeAuthor
#15 search_404_non_block_fix.d6_x.patch839 bytesmalc0mn
#14 search_404_non_block_fix.d6_x.patch428 bytesmalc0mn
#13 search_404_non_block_fix.d6_x.patch478 bytesmalc0mn
#9 search_404_non_block_fix.d6_15.patch621 bytesmalc0mn
#1 search_404_non_block_fix.patch621 bytesmalc0mn

Comments

malc0mn’s picture

malc0mn commented
StatusFileSize
new search_404_non_block_fix.patch621 bytes

Patch here (did not seem to be attached to the initial post?).

geerlingguy’s picture

geerlingguy commented

Subscribe. I'm tempted to mark as critical :)

I will review this patch as soon as I can.

pwolanin’s picture

pwolanin commented
Version: 6.15 » 6.x-dev
Status: Needs review » Needs work

Those lines were added to handle redirect on user login I think - the correct fix is probably elsewhere

gábor hojtsy’s picture

gábor hojtsy
he/him
Primary language Hungarian
Location Hungary
commented
Version: 6.x-dev » 6.15
Status: Needs work » Needs review

These lines already have a rich and convoluted history, see #292565: Regression: Can't set /user to 403 page (was: login destination is broken), which started with the same issue and then resulted in multiple storms.

gábor hojtsy’s picture

gábor hojtsy
he/him
Primary language Hungarian
Location Hungary
commented
Version: 6.15 » 6.x-dev
Status: Needs review » Needs work

Crosspost.

geerlingguy’s picture

geerlingguy commented
Version: 6.x-dev » 6.15
Status: Needs work » Needs review

Eek! Well, the patch fixes my short-term problem, and since my site doesn't use the login block (but rather a context-aware login link, it's not a huge deal... we should maybe try having a test for both of these use cases...?

[Edit: I've tested the login destination from a 403 Access Denied page (where I printed the login form), as well as from 404 pages, and nothing seems to be broken... what's the specific issue?]

Status: Needs review » Needs work

The last submitted patch, search_404_non_block_fix.patch, failed testing.

malc0mn’s picture

malc0mn commented
Status: Needs work » Needs review

@4: I read the thread, but those lines still seem obsolete to me. As reported in the issue:
Tested and confirmed to be working:
- search on 404 for BLOCK
- search on 404 for $search_box
- login on 403

@6: Agreed, tested and nothing found to be broken...

@7: Any clue why the patch fails? Can't see why... I'll redo it if I know how to fix it... EDIT: I assume it fails on D7? I'll check if it's needed there as well, this patch was for 6.15...

malc0mn’s picture

malc0mn commented
StatusFileSize
new search_404_non_block_fix.d6_15.patch621 bytes

After some testing, I have confirmed the previously uploaded patch to be applicable and working for 6.15 and for the latest 6.x-dev release. I have no clue why it would fail, so I have reattached it and renamed it to *.d6_15.* just to be sure.

This patch is NOT needed for D7, since this way:

<?php
print $search_box;
?>

of displaying a search box is no longer possible... At least as far as I can tell and was able to test... The theme functions in the search.module for the search_box have been depricated in favour of overriding the *.tpl.php files for the search box (which is great).

IMHO, it is a vital patch for the D6 branch, since people do use the above mentioned way of displaying a search box (See also: http://drupal.org/node/668016#comment-2665342).

Status: Needs review » Needs work

The last submitted patch, search_404_non_block_fix.d6_15.patch, failed testing.

geerlingguy’s picture

geerlingguy commented

Back to dev... requesting re-test.

[fyi, you need to make the patch against Drupal 6 HEAD].

geerlingguy’s picture

geerlingguy commented
Version: 6.15 » 6.x-dev
Status: Needs work » Needs review

#9: search_404_non_block_fix.d6_15.patch queued for re-testing.

malc0mn’s picture

malc0mn commented
StatusFileSize
new search_404_non_block_fix.d6_x.patch478 bytes

@11: that was it!!

New patch attached.

malc0mn’s picture

malc0mn commented
StatusFileSize
new search_404_non_block_fix.d6_x.patch428 bytes

#@!joilm, I'm mixing up my HEADs... Used the correct HEAD now, patch in attach...

malc0mn’s picture

malc0mn commented
StatusFileSize
new search_404_non_block_fix.d6_x.patch839 bytes

Made the same mistake here as elswhere, @#!K (forgot -up options when diffing). I just might need some extra sleep. Proper patch in attach...

pwolanin’s picture

pwolanin commented
Status: Needs review » Needs work

See note above from Gabor - this cannot be the correct fix since it causes other problems.

malc0mn’s picture

malc0mn commented

@16: as I mentioned in #8, I have read the thread that introduced the lines I now propose to remove.
They were introduced in both the drupal_not_found() and drupal_access_denied() functions in includes/common.inc. Note that I'm only removing these lines from the drupal_not_found() function. As far as I can see and have tested, these lines are really not needed for 404 pages (where you have a non existing URL in q), they are needed for the 403 pages (where you have an existing URL in q).

The search form works differently than the login form (it needs to always redirect to /search/node/<searchterm> and giving it a destination simply messed that up). The lines introduced in drupal_not_found():

   watchdog('page not found', check_plain($_GET['q']), NULL, WATCHDOG_WARNING);
 
+  // Keep old path for reference, and to allow forms to redirect to it.
+  if (!isset($_REQUEST['destination'])) {
+    $_REQUEST['destination'] = $_GET['q'];
+  }
+

are counteracted by the lines introduced in the search.module:

 function search_box_form_submit($form, &$form_state) {
+  // The search form relies on control of the redirect destination for its
+  // functionality, so we override any static destination set in the request,
+  // for example by drupal_access_denied() or drupal_not_found()
+  // (see http://drupal.org/node/292565).
+  if (isset($_REQUEST['destination'])) {
+    unset($_REQUEST['destination']);
+  }
+  if (isset($_REQUEST['edit']['destination'])) {
+    unset($_REQUEST['edit']['destination']);
+  }
+

So, this patch makes drupal_not_found() set a static destination, whereas the exact same patch for search.module says:

+  // The search form relies on control of the redirect destination for its
+  // functionality, so we override any static destination set in the request,
+  // for example by drupal_access_denied() or drupal_not_found()

This was probably done for a login-redirect on a 404 page, but well... Redirecting back to a 404 would never make sense, right.
I can still be wrong of course, all comments are welcome ;-)

Again, as explained in the initial issue description, confirmed to be working after this patch in D6:

- search on 404 for BLOCK
- search on 404 for $search_box
- login on 403 (by setting up to redirect to /user on a 403 error in /admin/settings/error-reporting)

I will retest this and report back in a next comment. Feel free to do the same, so that we can confirm or deny the correctness of this patch.
If I'm wrong, I'm wrong :-)

malc0mn’s picture

malc0mn commented

Confirmed not working with this patch:
- search on 403 using

<?php
print $search_box;
?>

Halfway there...

traviscarden’s picture

traviscarden commented

subscribing

Status: Needs work » Closed (outdated)

Automatically closed because Drupal 6 is no longer supported. If the issue verifiably applies to later versions, please reopen with details and update the version.