diff --git a/libraries/src/Application/CMSApplication.php b/libraries/src/Application/CMSApplication.php index 4b6bf2ae9a79..9402d83df537 100644 --- a/libraries/src/Application/CMSApplication.php +++ b/libraries/src/Application/CMSApplication.php @@ -406,74 +406,74 @@ protected function checkUserRequireReset($option, $view, $layout, $tasks) */ protected function checkUserRequiresReset($option, $view, $layout, $urls = []) { - if ($this->getIdentity()->requireReset) { - $redirect = false; - - /* - * By default user profile edit page is used. - * That page allows you to change more than just the password and might not be the desired behavior. - * This allows a developer to override the page that manage the password reset. - * (can be configured using the file: configuration.php, or if extended, through the global configuration form) - */ - $name = $this->getName(); - - if ($this->get($name . '_reset_password_override', 0)) { - $option = $this->get($name . '_reset_password_option', ''); - $view = $this->get($name . '_reset_password_view', ''); - $layout = $this->get($name . '_reset_password_layout', ''); - $urls = $this->get($name . '_reset_password_urls', $urls); - } - - // If the current URL matches an entry in $urls, we do not redirect - if (\count($urls)) { - $found = false; - - foreach ($urls as $url) { - $found2 = false; + // Password reset is not required for the user, no need to check it further + if (!$this->getIdentity()->requireReset) { + return; + } - foreach ($url as $key => $value) { - if ($this->input->getCmd($key) !== $value) { - $found2 = false; - break; - } + /* + * By default user profile edit page is used. + * That page allows you to change more than just the password and might not be the desired behavior. + * This allows a developer to override the page that manage the password reset. + * (can be configured using the file: configuration.php, or if extended, through the global configuration form) + */ + $name = $this->getName(); - $found2 = true; - } + if ($this->get($name . '_reset_password_override', 0)) { + $option = $this->get($name . '_reset_password_option', ''); + $view = $this->get($name . '_reset_password_view', ''); + $layout = $this->get($name . '_reset_password_layout', ''); + $urls = $this->get($name . '_reset_password_urls', $urls); + } - if ($found2) { - $found = true; - break; - } - } + /** + * The page which manage password reset always need to accessible, so if the current page + * is managing password reset page, no need to check it further + */ + if ( + $this->input->getCmd('option', '') === $option + && $this->input->getCmd('view', '') === $view + && $this->input->getCmd('layout', '') == $layout + ) { + return; + } - if (!$found) { - $redirect = true; - } - } else { - if ( - $this->input->getCmd('option', '') !== $option || $this->input->getCmd('view', '') !== $view - || $this->input->getCmd('layout', '') !== $layout - ) { - // Requested a different option/view/layout - $redirect = true; + // If the current URL matches an entry in $urls, we do not redirect + foreach ($urls as $url) { + $match = true; + + foreach ($url as $key => $value) { + if ($this->input->getCmd($key) !== $value) { + /** + * The current URL does not meet this entry, get out of this loop + * and check next entry + */ + $match = false; + break; } } - if ($redirect) { - // Redirect to the profile edit page - $this->enqueueMessage(Text::_('JGLOBAL_PASSWORD_RESET_REQUIRED'), 'notice'); + // The current URL meet the entry, no redirect is needed, just return early + if ($match) { + return; + } + } - $url = Route::_('index.php?option=' . $option . '&view=' . $view . '&layout=' . $layout, false); + // Redirect to the profile edit page + $this->enqueueMessage(Text::_('JGLOBAL_PASSWORD_RESET_REQUIRED'), 'notice'); - // In the administrator we need a different URL - if (strtolower($name) === 'administrator') { - $user = Factory::getApplication()->getIdentity(); - $url = Route::_('index.php?option=' . $option . '&task=' . $view . '.' . $layout . '&id=' . $user->id, false); - } + $url = Route::_('index.php?option=' . $option . '&view=' . $view . '&layout=' . $layout, false); - $this->redirect($url); - } + // In the administrator we need a different URL + if ($this->isClient('administrator')) { + $user = $this->getIdentity(); + $url = Route::_( + 'index.php?option=' . $option . '&task=' . $view . '.' . $layout . '&id=' . $user->id, + false + ); } + + $this->redirect($url); } /** diff --git a/libraries/src/Application/SiteApplication.php b/libraries/src/Application/SiteApplication.php index bbdaabfa1278..c962975e1b3c 100644 --- a/libraries/src/Application/SiteApplication.php +++ b/libraries/src/Application/SiteApplication.php @@ -265,7 +265,6 @@ protected function doExecute() ['option' => 'com_users', 'view' => 'method'], ['option' => 'com_users', 'task' => 'method.add'], ['option' => 'com_users', 'task' => 'method.save'], - ['option' => 'com_users', 'view' => 'profile', 'layout' => 'edit'], ]); } @@ -707,7 +706,6 @@ public function login($credentials, $options = []) ['option' => 'com_users', 'view' => 'method'], ['option' => 'com_users', 'task' => 'method.add'], ['option' => 'com_users', 'task' => 'method.save'], - ['option' => 'com_users', 'view' => 'profile', 'layout' => 'edit'], ]); }