diff --git a/administrator/components/com_menus/views/menus/tmpl/default.php b/administrator/components/com_menus/views/menus/tmpl/default.php
index d25d5fad4eec6..495331cfd6d76 100644
--- a/administrator/components/com_menus/views/menus/tmpl/default.php
+++ b/administrator/components/com_menus/views/menus/tmpl/default.php
@@ -171,7 +171,8 @@
modules[$item->menutype] as &$module) : ?>
authorise('core.edit', 'com_modules.module.' . (int) $module->id)) : ?>
- id . '&return=' . $return . '&tmpl=component&layout=modal'); ?>
+ id . '&tmpl=component&layout=modal&return=return'; ?>
+
escape($module->title), $this->escape($module->access_title), $this->escape($module->position)); ?>
@@ -184,7 +185,8 @@
modules[$item->menutype] as &$module) : ?>
authorise('core.edit', 'com_modules.module.' . (int) $module->id)) : ?>
- id . '&return=' . $return . '&tmpl=component&layout=modal'); ?>
+ id . '&tmpl=component&layout=modal&return=return'; ?>
+
id . 'Modal',
diff --git a/administrator/templates/hathor/html/com_menus/menus/default.php b/administrator/templates/hathor/html/com_menus/menus/default.php
index e43bec547a655..0c93c4bf598c2 100644
--- a/administrator/templates/hathor/html/com_menus/menus/default.php
+++ b/administrator/templates/hathor/html/com_menus/menus/default.php
@@ -141,7 +141,8 @@
?>
- id.'&return='.$return.'&tmpl=component&layout=modal'); ?>
+ id . '&tmpl=component&layout=modal&return=return'; ?>
+
escape($module->title), $this->escape($module->access_title), $this->escape($module->position)); ?>
@@ -152,7 +153,8 @@
modules[$item->menutype] as &$module) : ?>
- id.'&return='.$return.'&tmpl=component&layout=modal'); ?>
+ id . '&tmpl=component&layout=modal&return=return'; ?>
+
id . 'Modal',
diff --git a/components/com_config/controller/modules/cancel.php b/components/com_config/controller/modules/cancel.php
index 3e8cd5f2b71de..3fb4938e9c8ca 100644
--- a/components/com_config/controller/modules/cancel.php
+++ b/components/com_config/controller/modules/cancel.php
@@ -41,9 +41,9 @@ public function execute()
// Get returnUri
$returnUri = $this->input->post->get('return', null, 'base64');
- if (!empty($returnUri))
+ if ($returnUri)
{
- $this->redirect = base64_decode(urldecode($returnUri));
+ $this->redirect = base64_decode($returnUri);
}
else
{
diff --git a/components/com_config/controller/modules/save.php b/components/com_config/controller/modules/save.php
index f1b1fb85610b4..b8f0181073585 100644
--- a/components/com_config/controller/modules/save.php
+++ b/components/com_config/controller/modules/save.php
@@ -50,14 +50,8 @@ public function execute()
// Get sumitted module id
$moduleId = '&id=' . $this->input->get('id');
- // Get returnUri
- $returnUri = $this->input->post->get('return', null, 'base64');
- $redirect = '';
-
- if (!empty($returnUri))
- {
- $redirect = '&return=' . $returnUri;
- }
+ $return = $this->input->post->get('return', null, 'base64');
+ $redirect = $return ? '&return=return' : '';
// Access backend com_modules to be done
JLoader::register('ModulesControllerModule', JPATH_ADMINISTRATOR . '/components/com_modules/controllers/module.php');
@@ -72,22 +66,25 @@ public function execute()
$document->setType('json');
// Execute backend controller
- $return = $controllerClass->save();
+ $result = $controllerClass->save();
// Reset params back after requesting from service
$document->setType('html');
// Check the return value.
- if ($return === false)
+ if ($result === false)
{
// Save the data in the session.
$data = $this->input->post->get('jform', array(), 'array');
$this->app->setUserState('com_config.modules.global.data', $data);
+ $redirect = 'index.php?option=com_config&controller=config.display.modules' . $moduleId . $redirect;
+ $redirect = str_replace('return=return', 'return=' . urlencode($return), JRoute::_($redirect, false));
+
// Save failed, go back to the screen and display a notice.
$this->app->enqueueMessage(JText::_('JERROR_SAVE_FAILED'));
- $this->app->redirect(JRoute::_('index.php?option=com_config&controller=config.display.modules' . $moduleId . $redirect, false));
+ $this->app->redirect($redirect);
}
// Redirect back to com_config display
@@ -97,15 +94,17 @@ public function execute()
switch ($this->options[3])
{
case 'apply':
- $this->app->redirect(JRoute::_('index.php?option=com_config&controller=config.display.modules' . $moduleId . $redirect, false));
+ $redirect = 'index.php?option=com_config&controller=config.display.modules' . $moduleId . $redirect;
+ $redirect = str_replace('return=return', 'return=' . urlencode($return), JRoute::_($redirect, false));
+
+ $this->app->redirect($redirect);
break;
case 'save':
default:
-
- if (!empty($returnUri))
+ if ($return)
{
- $redirect = base64_decode(urldecode($returnUri));
+ $redirect = base64_decode($return);
// Don't redirect to an external URL.
if (!JUri::isInternal($redirect))
diff --git a/components/com_content/controllers/article.php b/components/com_content/controllers/article.php
index f4d6455934321..344daa7210eee 100644
--- a/components/com_content/controllers/article.php
+++ b/components/com_content/controllers/article.php
@@ -263,7 +263,7 @@ public function getModel($name = 'form', $prefix = '', $config = array('ignore_r
* @param integer $recordId The primary key id for the item.
* @param string $urlVar The name of the URL variable for the id.
*
- * @return string The arguments to append to the redirect URL.
+ * @return string The arguments to append to the redirect URL.
*
* @since 1.6
*/
@@ -296,7 +296,6 @@ protected function getRedirectToItemAppend($recordId = null, $urlVar = 'a_id')
}
$itemId = $this->input->getInt('Itemid');
- $return = $this->getReturnPage();
$catId = $this->input->getInt('catid');
if ($itemId)
@@ -309,9 +308,12 @@ protected function getRedirectToItemAppend($recordId = null, $urlVar = 'a_id')
$append .= '&catid=' . $catId;
}
+ $return = $this->getReturnPage();
+
if ($return)
{
- $append .= '&return=' . base64_encode($return);
+ // Beacause of J3.x bug in Joomla\Uri\AbstractUri::buildQuery the return value has to be encoded twice
+ $append .= '&return=' . urlencode(urlencode(base64_encode($return)));
}
return $append;
@@ -334,10 +336,8 @@ protected function getReturnPage()
{
return JUri::base();
}
- else
- {
- return base64_decode($return);
- }
+
+ return base64_decode($return);
}
/**
diff --git a/components/com_content/helpers/icon.php b/components/com_content/helpers/icon.php
index cadcc20afd556..d470855cc16b7 100644
--- a/components/com_content/helpers/icon.php
+++ b/components/com_content/helpers/icon.php
@@ -30,9 +30,7 @@ abstract class JHtmlIcon
*/
public static function create($category, $params, $attribs = array(), $legacy = false)
{
- $uri = JUri::getInstance();
-
- $url = 'index.php?option=com_content&task=article.add&return=' . base64_encode($uri) . '&a_id=0&catid=' . $category->id;
+ $url = 'index.php?option=com_content&task=article.add&a_id=0&catid=' . $category->id . '&return=return';
$text = JLayoutHelper::render('joomla.content.icons.create', array('params' => $params, 'legacy' => $legacy));
@@ -46,7 +44,11 @@ public static function create($category, $params, $attribs = array(), $legacy =
$attribs['class'] = 'btn btn-primary';
}
- $button = JHtml::_('link', JRoute::_($url), $text, $attribs);
+ $return = base64_encode(JUri::getInstance());
+
+ $url = str_replace('return=return', 'return=' . urlencode($return), JRoute::_($url));
+
+ $button = JHtml::_('link', $url, $text, $attribs);
$output = '' . $button . '';
@@ -101,9 +103,6 @@ public static function email($article, $params, $attribs = array(), $legacy = fa
*/
public static function edit($article, $params, $attribs = array(), $legacy = false)
{
- $user = JFactory::getUser();
- $uri = JUri::getInstance();
-
// Ignore if in a popup window.
if ($params && $params->get('popup'))
{
@@ -120,7 +119,7 @@ public static function edit($article, $params, $attribs = array(), $legacy = fal
if (property_exists($article, 'checked_out')
&& property_exists($article, 'checked_out_time')
&& $article->checked_out > 0
- && $article->checked_out != $user->get('id'))
+ && $article->checked_out != JFactory::getUser()->get('id'))
{
$checkoutUser = JFactory::getUser($article->checked_out);
$date = JHtml::_('date', $article->checked_out_time);
@@ -129,26 +128,13 @@ public static function edit($article, $params, $attribs = array(), $legacy = fal
$text = JLayoutHelper::render('joomla.content.icons.edit_lock', array('tooltip' => $tooltip, 'legacy' => $legacy));
- $output = JHtml::_('link', '#', $text, $attribs);
-
- return $output;
- }
-
- $contentUrl = ContentHelperRoute::getArticleRoute($article->slug, $article->catid, $article->language);
- $url = $contentUrl . '&task=article.edit&a_id=' . $article->id . '&return=' . base64_encode($uri);
-
- if ($article->state == 0)
- {
- $overlib = JText::_('JUNPUBLISHED');
- }
- else
- {
- $overlib = JText::_('JPUBLISHED');
+ return JHtml::_('link', '#', $text, $attribs);
}
$date = JHtml::_('date', $article->created);
$author = $article->created_by_alias ?: $article->author;
+ $overlib = JText::_($article->state == 0 ? 'JUNPUBLISHED' : 'JPUBLISHED');
$overlib .= '<br />';
$overlib .= $date;
$overlib .= '<br />';
@@ -156,10 +142,15 @@ public static function edit($article, $params, $attribs = array(), $legacy = fal
$text = JLayoutHelper::render('joomla.content.icons.edit', array('article' => $article, 'overlib' => $overlib, 'legacy' => $legacy));
- $attribs['title'] = JText::_('JGLOBAL_EDIT_TITLE');
- $output = JHtml::_('link', JRoute::_($url), $text, $attribs);
+ $attribs['title'] = JText::_('JGLOBAL_EDIT_TITLE');
- return $output;
+ $return = base64_encode(JUri::getInstance());
+
+ $url = ContentHelperRoute::getArticleRoute($article->slug, $article->catid, $article->language)
+ . '&task=article.edit&a_id=' . $article->id . '&return=return';
+ $url = str_replace('return=return', 'return=' . urlencode($return), JRoute::_($url));
+
+ return JHtml::_('link', $url, $text, $attribs);
}
/**
diff --git a/components/com_content/views/article/view.html.php b/components/com_content/views/article/view.html.php
index 8f5b15ea49daa..d58cc83856a5f 100644
--- a/components/com_content/views/article/view.html.php
+++ b/components/com_content/views/article/view.html.php
@@ -149,7 +149,11 @@ public function display($tpl = null)
if ($this->user->get('guest'))
{
$return = base64_encode(JUri::getInstance());
- $login_url_with_return = JRoute::_('index.php?option=com_users&return=' . $return);
+
+ // Beacause of J3.x bug in Joomla\Uri\AbstractUri::buildQuery the return value has to be encoded later
+ $login_url_with_return = JRoute::_('index.php?option=com_users&view=login&return=return', false);
+ $login_url_with_return = str_replace('return=return', 'return=' . urlencode($return), $login_url_with_return);
+
$app->enqueueMessage(JText::_('JERROR_ALERTNOAUTHOR'), 'notice');
$app->redirect($login_url_with_return, 403);
}
diff --git a/components/com_users/controllers/user.php b/components/com_users/controllers/user.php
index 0912f4b664c09..9305066a13618 100644
--- a/components/com_users/controllers/user.php
+++ b/components/com_users/controllers/user.php
@@ -289,7 +289,10 @@ public function menulogout()
}
// Logout and redirect
- $this->setRedirect('index.php?option=com_users&task=user.logout&' . JSession::getFormToken() . '=1&return=' . base64_encode($url));
+ $this->setRedirect(
+ 'index.php?option=com_users&task=user.logout&'
+ . JSession::getFormToken() . '=1&return=' . urlencode(base64_encode($url))
+ );
}
/**
diff --git a/libraries/src/MVC/Controller/FormController.php b/libraries/src/MVC/Controller/FormController.php
index deeb98496ddda..1af6e41febc4d 100644
--- a/libraries/src/MVC/Controller/FormController.php
+++ b/libraries/src/MVC/Controller/FormController.php
@@ -480,7 +480,8 @@ protected function getRedirectToItemAppend($recordId = null, $urlVar = 'id')
if ($return)
{
- $append .= '&return=' . $return;
+ // Beacause of J3.x bug in Joomla\Uri\AbstractUri::buildQuery the return value has to be encoded twice
+ $append .= '&return=' . urlencode(urlencode($return));
}
return $append;