diff --git a/core/um-access.php b/core/um-access.php index edada558..1e44117a 100644 --- a/core/um-access.php +++ b/core/um-access.php @@ -31,10 +31,12 @@ class UM_Access { if ( strstr( $this->redirect_handler, um_get_core_page('login') ) ){ $curr = $ultimatemember->permalinks->get_current_url(); - $this->redirect_handler = esc_url( add_query_arg('redirect_to', $curr, $this->redirect_handler) ); + $this->redirect_handler = add_query_arg('redirect_to', um_set_redirect_url($curr), $this->redirect_handler); + $this->redirect_handler = esc_url( $this->redirect_handler ); } - exit( wp_redirect( $this->redirect_handler ) ); + wp_redirect( $this->redirect_handler ); + } } diff --git a/core/um-account.php b/core/um-account.php index 1750a8ae..826827ac 100644 --- a/core/um-account.php +++ b/core/um-account.php @@ -74,7 +74,15 @@ class UM_Account { global $ultimatemember; if ( um_is_core_page('account') && !is_user_logged_in() ) { - exit( wp_redirect( add_query_arg('redirect_to', urlencode( um_get_core_page('account') ) , um_get_core_page('login') ) ) ); + + $redirect_to = add_query_arg( + 'redirect_to', + um_set_redirect_url( um_get_core_page('account') ) , + um_get_core_page('login') + ); + + exit( wp_redirect( $redirect_to ) ); + } if ( um_is_core_page('account') ) { diff --git a/core/um-actions-login.php b/core/um-actions-login.php index 2019a60e..dcac2ddf 100644 --- a/core/um-actions-login.php +++ b/core/um-actions-login.php @@ -136,7 +136,7 @@ // Priority redirect if ( isset( $args['redirect_to'] ) ) { - exit( wp_redirect( $args['redirect_to'] ) ); + exit( wp_redirect( um_get_redirect_url( $args['redirect_to'] ) ) ); } // Role redirect diff --git a/core/um-actions-misc.php b/core/um-actions-misc.php index daf1144c..b51dd37d 100644 --- a/core/um-actions-misc.php +++ b/core/um-actions-misc.php @@ -9,8 +9,8 @@ global $ultimatemember; if ( isset( $_REQUEST['redirect_to'] ) && !empty( $_REQUEST['redirect_to'] ) ) { - - echo ''; + + echo ''; } else if ( isset( $args['after_login'] ) && !empty( $args['after_login'] ) ) { @@ -33,6 +33,7 @@ break; } + $url = esc_attr( um_set_redirect_url( $url ) ); echo ''; diff --git a/core/um-short-functions.php b/core/um-short-functions.php index 9b5f5c0d..2767c897 100644 --- a/core/um-short-functions.php +++ b/core/um-short-functions.php @@ -54,15 +54,56 @@ *** @Get where user should be headed after logging ***/ function um_dynamic_login_page_redirect( $redirect_to = '' ) { + global $ultimatemember; + $uri = um_get_core_page( 'login' ); + if ( ! $redirect_to ) { $redirect_to = $ultimatemember->permalinks->get_current_url(); } - $uri = add_query_arg( 'redirect_to', $redirect_to, $uri ); + + $redirect_key = um_set_redirect_url( $redirect_to ); + + $uri = add_query_arg( 'redirect_to', $redirect_key, $uri ); + return $uri; } + /** + * Set redirect key + * @param string $url + * @return string $redirect_key + */ + function um_set_redirect_url( $url ){ + + $redirect_key = wp_generate_password(12,false); + + $_SESSION['um_redirect_key'] = array( $redirect_key => $url ); + + return $redirect_key; + } + + /** + * Set redirect key + * @param string $url + * @return string $redirect_key + */ + function um_get_redirect_url( $key ){ + + if( isset( $_SESSION['um_redirect_key'][ $key ] ) ){ + + $url = $_SESSION['um_redirect_key'][ $key ]; + + unset( $_SESSION['um_redirect_key'] ); + + return $url; + + } + + return; + } + /*** *** @user clean basename ***/