From 3ab88a8c989998590a28d56f82c9f528cc2a3af5 Mon Sep 17 00:00:00 2001
From: "Donald A. Lobo" <lobo@civicrm.org>
Date: Sat, 19 Oct 2013 09:58:00 -0700
Subject: [PATCH] CRM-13621 - add ability to redirect to main entry point for
 public pages

----------------------------------------
* CRM-13621: Handle invalid session errors especially for public pages in a nicer manner
  http://issues.civicrm.org/jira/browse/CRM-13621
---
 CRM/Contribute/Controller/Contribution.php |  5 ++
 CRM/Core/Controller.php                    | 55 ++++++++++++++++++++--
 CRM/Core/Form.php                          |  3 ++
 CRM/Event/Controller/Registration.php      |  5 ++
 CRM/Utils/System.php                       | 22 +++++++--
 5 files changed, 82 insertions(+), 8 deletions(-)

diff --git a/CRM/Contribute/Controller/Contribution.php b/CRM/Contribute/Controller/Contribution.php
index 129c092994..b181a36615 100644
--- a/CRM/Contribute/Controller/Contribution.php
+++ b/CRM/Contribute/Controller/Contribution.php
@@ -67,5 +67,10 @@ class CRM_Contribute_Controller_Contribution extends CRM_Core_Controller {
       $this->addActions();
     }
   }
+
+  function invalidKey() {
+    $this->invalidKeyRedirect();
+  }
+
 }
 
diff --git a/CRM/Core/Controller.php b/CRM/Core/Controller.php
index e38e240aea..6431b4eb26 100644
--- a/CRM/Core/Controller.php
+++ b/CRM/Core/Controller.php
@@ -145,6 +145,14 @@ class CRM_Core_Controller extends HTML_QuickForm_Controller {
    */
   public $_destination = NULL;
 
+  /**
+   * The entry url for a top level form or wizard. Typically the URL with a reset=1
+   * used to redirect back to when we land into some session wierdness
+   *
+   * @var string
+   */
+  public $_entryURL = NULL;
+
   /**
    * All CRM single or multi page pages should inherit from this class.
    *
@@ -176,6 +184,18 @@ class CRM_Core_Controller extends HTML_QuickForm_Controller {
       self::$_session = CRM_Core_Session::singleton();
     }
 
+    // lets try to get it from the session and/or the request vars
+    // we do this early on in case there is a fatal error in retrieving the
+    // key and/or session
+    $this->_entryURL = CRM_Utils_Request::retrieve(
+      'entryURL',
+      'String',
+      $this,
+      FALSE,
+      NULL,
+      $_REQUEST
+    );
+
     // add a unique validable key to the name
     $name         = CRM_Utils_System::getClassName($this);
     if ($name == 'CRM_Core_Controller_Simple' && !empty($scope)) {
@@ -229,9 +249,14 @@ class CRM_Core_Controller extends HTML_QuickForm_Controller {
       }
     }
 
-    // if the request has a reset value, initialize the controller session
+   // if the request has a reset value, initialize the controller session
     if (CRM_Utils_Array::value('reset', $_GET)) {
       $this->reset();
+
+      // in this case we'll also cache the url as a hidden form variable, this allows us to
+      // redirect in case the session has disappeared on us
+      $this->_entryURL = CRM_Utils_System::makeURL(NULL, TRUE, FALSE, NULL, TRUE);
+      $this->set('entryURL', $this->_entryURL);
     }
 
     // set the key in the session
@@ -241,8 +266,13 @@ class CRM_Core_Controller extends HTML_QuickForm_Controller {
 
 
     // also retrieve and store destination in session
-    $this->_destination = CRM_Utils_Request::retrieve('civicrmDestination', 'String', $this,
-      FALSE, NULL, $_REQUEST
+    $this->_destination = CRM_Utils_Request::retrieve(
+      'civicrmDestination',
+      'String',
+      $this,
+      FALSE,
+      NULL,
+      $_REQUEST
     );
   }
 
@@ -757,8 +787,27 @@ class CRM_Core_Controller extends HTML_QuickForm_Controller {
    *
    */
   public function invalidKey() {
+    self::invalidKeyCommon();
+  }
+
+  public function invalidKeyCommon() {
     $msg = ts('We can\'t load the requested web page. This page requires cookies to be enabled in your browser settings. Please check this setting and enable cookies (if they are not enabled). Then try again. If this error persists, contact the site adminstrator for assistance.') . '<br /><br />' . ts('Site Administrators: This error may indicate that users are accessing this page using a domain or URL other than the configured Base URL. EXAMPLE: Base URL is http://example.org, but some users are accessing the page via http://www.example.org or a domain alias like http://myotherexample.org.') . '<br /><br />' . ts('Error type: Could not find a valid session key.');
     CRM_Core_Error::fatal($msg);
   }
 
+  /**
+   * Instead of outputting a fatal error message, we'll just redirect to the entryURL if present
+   *
+   * @return void
+   */
+  public function invalidKeyRedirect() {
+    if ($this->_entryURL) {
+      CRM_Core_Session::setStatus(ts('We need a simple clear error message here'));
+      return CRM_Utils_System::redirect($this->_entryURL);
+    }
+    else {
+      self::invalidKeyCommon();
+    }
+  }
+
 }
diff --git a/CRM/Core/Form.php b/CRM/Core/Form.php
index 5167ab339d..5fcc342d2d 100644
--- a/CRM/Core/Form.php
+++ b/CRM/Core/Form.php
@@ -360,6 +360,9 @@ class CRM_Core_Form extends HTML_QuickForm_Page {
       $this->assign('qfKey', $this->controller->_key);
     }
 
+    if ($this->controller->_entryURL) {
+      $this->addElement('hidden', 'entryURL', $this->controller->_entryURL);
+    }
 
     $this->buildQuickForm();
 
diff --git a/CRM/Event/Controller/Registration.php b/CRM/Event/Controller/Registration.php
index 485ed07c8a..31b62bfe4b 100644
--- a/CRM/Event/Controller/Registration.php
+++ b/CRM/Event/Controller/Registration.php
@@ -57,5 +57,10 @@ class CRM_Event_Controller_Registration extends CRM_Core_Controller {
       $this->addActions();
     }
   }
+
+  function invalidKey() {
+    $this->invalidKeyRedirect();
+  }
+
 }
 
diff --git a/CRM/Utils/System.php b/CRM/Utils/System.php
index 63b218e854..4a1eb20c93 100644
--- a/CRM/Utils/System.php
+++ b/CRM/Utils/System.php
@@ -47,11 +47,15 @@ class CRM_Utils_System {
    * pager, sort and qfc
    *
    * @param string $urlVar the url variable being considered (i.e. crmPageID, crmSortID etc)
+   * @param boolean $includeReset - should we include or ignore the reset GET string (if present)
+   * @param boolean $includeForce - should we include or ignore the force GET string (if present)
+   * @param string  $path - the path to use for the new url
+   * @param string  $absolute - do we need a absolute or relative URL?
    *
    * @return string the url fragment
    * @access public
    */
-  static function makeURL($urlVar, $includeReset = FALSE, $includeForce = TRUE, $path = NULL) {
+  static function makeURL($urlVar, $includeReset = FALSE, $includeForce = TRUE, $path = NULL, $absolute = FALSE) {
     if (empty($path)) {
       $config = CRM_Core_Config::singleton();
       $path = CRM_Utils_Array::value($config->userFrameworkURLVar, $_GET);
@@ -60,9 +64,12 @@ class CRM_Utils_System {
       }
     }
 
-    return self::url($path,
-      CRM_Utils_System::getLinksUrl($urlVar, $includeReset, $includeForce)
-    );
+    return
+      self::url(
+        $path,
+        CRM_Utils_System::getLinksUrl($urlVar, $includeReset, $includeForce),
+        $absolute
+      );
   }
 
   /**
@@ -131,7 +138,12 @@ class CRM_Utils_System {
     $querystring = array_merge($querystring, array_unique($arrays));
     $querystring = array_map('htmlentities', $querystring);
 
-    return implode('&amp;', $querystring) . (!empty($querystring) ? '&amp;' : '') . $urlVar . '=';
+    $url = implode('&amp;', $querystring);
+    if ($urlVar) {
+      $url .= (!empty($querystring) ? '&amp;' : '') . $urlVar . '=';
+    }
+
+    return $url;
   }
 
   /**
-- 
2.25.1