Fix user creation form redirection (#3656)

Before, when there was an error during the user creation process, the user was always redirected to the same page no matter where the creation process was initiated (registration or creation by an admin). Thus, there were no error messages displayed when something went bad during the creation process by an admin. Now, the origin of the user creation has been added to the form to be able to redirect the user to the proper page.
2026-04-04 22:53:27 -04:00 · 2021-06-01 08:16:33 -04:00
parent d6a0af6ba0
commit 3c3eab768e
2 changed files with 13 additions and 6 deletions
--- a/app/Controllers/userController.php
+++ b/app/Controllers/userController.php
@@ -287,25 +287,29 @@ class FreshRSS_user_Controller extends Minz_ActionController {
 			$new_user_name = Minz_Request::param('new_user_name');
 			$email = Minz_Request::param('new_user_email', '');
 			$passwordPlain = Minz_Request::param('new_user_passwordPlain', '', true);
+			$badRedirectUrl = [
+				'c' => Minz_Request::param('originController', 'auth'),
+				'a' => Minz_Request::param('originAction', 'register'),
+			];

 			if (!self::checkUsername($new_user_name)) {
 				Minz_Request::bad(
 					_t('user.username.invalid'),
-					array('c' => 'auth', 'a' => 'register')
+					$badRedirectUrl
 				);
 			}

 			if (FreshRSS_UserDAO::exists($new_user_name)) {
 				Minz_Request::bad(
 					_t('user.username.taken', $new_user_name),
-					array('c' => 'auth', 'a' => 'register')
+					$badRedirectUrl
 				);
 			}

 			if (!FreshRSS_password_Util::check($passwordPlain)) {
 				Minz_Request::bad(
 					_t('user.password.invalid'),
-					array('c' => 'auth', 'a' => 'register')
+					$badRedirectUrl
 				);
 			}

@@ -315,21 +319,21 @@ class FreshRSS_user_Controller extends Minz_ActionController {
 			if ($system_conf->force_email_validation && empty($email)) {
 				Minz_Request::bad(
 					_t('user.email.feedback.required'),
-					array('c' => 'auth', 'a' => 'register')
+					$badRedirectUrl
 				);
 			}

 			if (!empty($email) && !validateEmailAddress($email)) {
 				Minz_Request::bad(
 					_t('user.email.feedback.invalid'),
-					array('c' => 'auth', 'a' => 'register')
+					$badRedirectUrl
 				);
 			}

 			if ($tos_enabled && !$accept_tos) {
 				Minz_Request::bad(
 					_t('user.tos.feedback.invalid'),
-					array('c' => 'auth', 'a' => 'register')
+					$badRedirectUrl
 				);
 			}

--- a/app/views/user/manage.phtml
+++ b/app/views/user/manage.phtml
@@ -5,6 +5,9 @@

 	<form method="post" action="<?= _url('user', 'create') ?>" autocomplete="off">
 		<input type="hidden" name="_csrf" value="<?= FreshRSS_Auth::csrfToken() ?>" />
+		<input type="hidden" name="originController" value="<?= Minz_Request::controllerName() ?>" />
+		<input type="hidden" name="originAction" value="<?= Minz_Request::actionName() ?>" />
+
 		<legend><?= _t('admin.user.create') ?></legend>

 		<div class="form-group">