diff options
| author | Lester Caine <lester@lsces.co.uk> | 2026-06-06 22:45:38 +0100 |
|---|---|---|
| committer | Lester Caine <lester@lsces.co.uk> | 2026-06-06 22:45:38 +0100 |
| commit | f70cb1f12cca1111866190cf3f25503147888841 (patch) | |
| tree | 30945c4b69f701afe4d4eda2124c34d60eaedefd /validate.php | |
| parent | 9aef415da161a95c2699c9de98ebcb3cd4a39587 (diff) | |
| download | users-f70cb1f12cca1111866190cf3f25503147888841.tar.gz users-f70cb1f12cca1111866190cf3f25503147888841.tar.bz2 users-f70cb1f12cca1111866190cf3f25503147888841.zip | |
users: redirect admin to installer after login if upgrade is required
After a successful admin login, if the database version is behind
MIN_BIT_VERSION, redirect directly to install.php rather than relying
on session-based loginfrom. During INSTALLER_FORCE the session cookie
name can differ between pages (bit-user-bitweaver vs bit-user-lscesmainsite)
because kernel_config may not be fully loaded, making loginfrom unreliable.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Diffstat (limited to 'validate.php')
| -rwxr-xr-x | validate.php | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/validate.php b/validate.php index dd91b29..09ef16c 100755 --- a/validate.php +++ b/validate.php @@ -151,6 +151,13 @@ if( !empty( $tpl ) ) { $redirectUrl = $gBitUser->getPostLoginUrl(); } +// If the admin just logged in and the installer is still required, go there directly. +// This bypasses the unreliable session-based loginfrom mechanism used during upgrades, +// where the session cookie name can differ between pages if kernel_config isn't fully loaded. +if( $gBitUser->isAdmin() && !empty( $gBitSystem->mConfig ) && version_compare( MIN_BIT_VERSION, $gBitSystem->getVersion(), '>' ) ) { + KernelTools::bit_redirect( INSTALL_PKG_URL.'install.php' ); +} + if( !empty( $redirectUrl ) ) { KernelTools::bit_redirect( $redirectUrl ); } |