diff --git a/core/um-access.php b/core/um-access.php
index edada558..1e44117a 100644
--- a/core/um-access.php
+++ b/core/um-access.php
@@ -31,10 +31,12 @@ class UM_Access {
if ( strstr( $this->redirect_handler, um_get_core_page('login') ) ){
$curr = $ultimatemember->permalinks->get_current_url();
- $this->redirect_handler = esc_url( add_query_arg('redirect_to', $curr, $this->redirect_handler) );
+ $this->redirect_handler = add_query_arg('redirect_to', um_set_redirect_url($curr), $this->redirect_handler);
+ $this->redirect_handler = esc_url( $this->redirect_handler );
}
- exit( wp_redirect( $this->redirect_handler ) );
+ wp_redirect( $this->redirect_handler );
+
}
}
diff --git a/core/um-account.php b/core/um-account.php
index 1750a8ae..826827ac 100644
--- a/core/um-account.php
+++ b/core/um-account.php
@@ -74,7 +74,15 @@ class UM_Account {
global $ultimatemember;
if ( um_is_core_page('account') && !is_user_logged_in() ) {
- exit( wp_redirect( add_query_arg('redirect_to', urlencode( um_get_core_page('account') ) , um_get_core_page('login') ) ) );
+
+ $redirect_to = add_query_arg(
+ 'redirect_to',
+ um_set_redirect_url( um_get_core_page('account') ) ,
+ um_get_core_page('login')
+ );
+
+ exit( wp_redirect( $redirect_to ) );
+
}
if ( um_is_core_page('account') ) {
diff --git a/core/um-actions-login.php b/core/um-actions-login.php
index 2019a60e..dcac2ddf 100644
--- a/core/um-actions-login.php
+++ b/core/um-actions-login.php
@@ -136,7 +136,7 @@
// Priority redirect
if ( isset( $args['redirect_to'] ) ) {
- exit( wp_redirect( $args['redirect_to'] ) );
+ exit( wp_redirect( um_get_redirect_url( $args['redirect_to'] ) ) );
}
// Role redirect
diff --git a/core/um-actions-misc.php b/core/um-actions-misc.php
index daf1144c..b51dd37d 100644
--- a/core/um-actions-misc.php
+++ b/core/um-actions-misc.php
@@ -9,8 +9,8 @@
global $ultimatemember;
if ( isset( $_REQUEST['redirect_to'] ) && !empty( $_REQUEST['redirect_to'] ) ) {
-
- echo '';
+
+ echo '';
} else if ( isset( $args['after_login'] ) && !empty( $args['after_login'] ) ) {
@@ -33,6 +33,7 @@
break;
}
+ $url = esc_attr( um_set_redirect_url( $url ) );
echo '';
diff --git a/core/um-short-functions.php b/core/um-short-functions.php
index 9b5f5c0d..2767c897 100644
--- a/core/um-short-functions.php
+++ b/core/um-short-functions.php
@@ -54,15 +54,56 @@
*** @Get where user should be headed after logging
***/
function um_dynamic_login_page_redirect( $redirect_to = '' ) {
+
global $ultimatemember;
+
$uri = um_get_core_page( 'login' );
+
if ( ! $redirect_to ) {
$redirect_to = $ultimatemember->permalinks->get_current_url();
}
- $uri = add_query_arg( 'redirect_to', $redirect_to, $uri );
+
+ $redirect_key = um_set_redirect_url( $redirect_to );
+
+ $uri = add_query_arg( 'redirect_to', $redirect_key, $uri );
+
return $uri;
}
+ /**
+ * Set redirect key
+ * @param string $url
+ * @return string $redirect_key
+ */
+ function um_set_redirect_url( $url ){
+
+ $redirect_key = wp_generate_password(12,false);
+
+ $_SESSION['um_redirect_key'] = array( $redirect_key => $url );
+
+ return $redirect_key;
+ }
+
+ /**
+ * Set redirect key
+ * @param string $url
+ * @return string $redirect_key
+ */
+ function um_get_redirect_url( $key ){
+
+ if( isset( $_SESSION['um_redirect_key'][ $key ] ) ){
+
+ $url = $_SESSION['um_redirect_key'][ $key ];
+
+ unset( $_SESSION['um_redirect_key'] );
+
+ return $url;
+
+ }
+
+ return;
+ }
+
/***
*** @user clean basename
***/