This fix uses the POST-Redirect-GET pattern to reload the account update page. Output if buffered to be able to send the correct headers after the account has been successfully modified. Signed-off-by: Marcel Korpel <marcel.korpel@gmail.com> --- web/html/account.php | 12 ++++++++++++ web/lib/acctfuncs.inc.php | 5 +++-- 2 files changed, 15 insertions(+), 2 deletions(-) diff --git a/web/html/account.php b/web/html/account.php index f5e6c19..d6b12aa 100644 --- a/web/html/account.php +++ b/web/html/account.php @@ -19,6 +19,13 @@ if (in_array($action, $need_userinfo)) { $PK = implode("\n", account_get_ssh_keys($row["ID"])); } +if (in_request("Update") == "Succeeded") { + $action = "UpdateSucceeded"; +} + +// start output buffering to be able to send headers at a later point +ob_start(); + if ($action == "AccountInfo") { html_header(__('Account') . ' ' . $row['Username']); } else { @@ -102,6 +109,10 @@ if (isset($_COOKIE["AURSID"])) { in_request("K"), in_request("PK"), in_request("J"), in_request("ID"), $row["Username"]); } + } elseif ($action == "UpdateSucceeded") { + // $tokens[2] contains current username + print __("The account, %s%s%s, has been successfully modified.", + "<strong>", htmlspecialchars($tokens[2], ENT_QUOTES), "</strong>"); } else { if (has_credential(CRED_ACCOUNT_SEARCH)) { # display the search page if they're a TU/dev @@ -124,4 +135,5 @@ echo "</div>"; html_footer(AURWEB_VERSION); +ob_end_flush(); ?> diff --git a/web/lib/acctfuncs.inc.php b/web/lib/acctfuncs.inc.php index b5dc51d..f3927a7 100644 --- a/web/lib/acctfuncs.inc.php +++ b/web/lib/acctfuncs.inc.php @@ -356,8 +356,9 @@ function process_account_form($TYPE,$A,$U="",$T="",$S="",$E="",$P="",$C="", print __("No changes were made to the account, %s%s%s.", "<strong>", htmlspecialchars($U,ENT_QUOTES), "</strong>"); } else { - print __("The account, %s%s%s, has been successfully modified.", - "<strong>", htmlspecialchars($U,ENT_QUOTES), "</strong>"); + // Redirect to account update page containing new username + header('HTTP/1.1 303 See Other'); + header('Location: ' . get_user_uri($U) . 'update/?Update=Succeeded'); } } } -- 2.4.5