diff --git a/src/www/system_certmanager.php b/src/www/system_certmanager.php index 35b178d59..7563a96f8 100644 --- a/src/www/system_certmanager.php +++ b/src/www/system_certmanager.php @@ -492,7 +492,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') { if (count($input_errors) == 0) { write_config(); if (isset($userid)) { - header(url_safe('Location: /system_usermanager.php?act=edit&userid=%s', array($userid))); + header(url_safe('Location: /system_usermanager.php?act=edit&userid=%d', array($userid))); } else { header(url_safe('Location: /system_certmanager.php')); } diff --git a/src/www/system_usermanager.php b/src/www/system_usermanager.php index cfb334f06..58dbd1810 100644 --- a/src/www/system_usermanager.php +++ b/src/www/system_usermanager.php @@ -191,7 +191,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') { unset($a_user[$id]['cert'][$pconfig['certid']]); write_config(); $savemsg = sprintf(gettext('The certificate association "%s" was successfully removed.'), $certdeleted); - header(url_safe('Location: /system_usermanager.php?savemsg=%s&act=edit&userid=%s', array($savemsg, $id))); + header(url_safe('Location: /system_usermanager.php?savemsg=%s&act=edit&userid=%d', array($savemsg, $id))); exit; } elseif ($act == "newApiKey" && isset($id)) { // every action is using the sequence of the user, to keep it understandable, we will use @@ -217,7 +217,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') { $savemsg = gettext('No API key found'); } // redirect - header(url_safe('Location: /system_usermanager.php?savemsg=%s&act=edit&userid=%s', array($savemsg, $id))); + header(url_safe('Location: /system_usermanager.php?savemsg=%s&act=edit&userid=%d', array($savemsg, $id))); exit; } elseif (isset($pconfig['save']) || isset($pconfig['save_close'])) { // save user @@ -387,14 +387,13 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') { write_config(); if (!empty($pconfig['chkNewCert'])) { - // redirect to cert manager when a new cert is requested for this user - header(url_safe('Location: /system_certmanager.php?act=new&userid=%s', array(isset($id) ? $id : count($a_user) - 1))); + header(url_safe('Location: /system_certmanager.php?act=new&userid=%d', array(isset($id) ? $id : count($a_user) - 1))); } elseif (isset($pconfig['save_close'])) { header(url_safe('Location: /system_usermanager.php?savemsg=%s', array(get_std_save_message()))); } else { - header(url_safe('Location: /system_usermanager.php?act=edit&userid=%s&savemsg=%s', array(isset($id) ? $id : count($a_user) - 1, get_std_save_message()))); - exit; + header(url_safe('Location: /system_usermanager.php?act=edit&userid=%d&savemsg=%s', array(isset($id) ? $id : count($a_user) - 1, get_std_save_message()))); } + exit; } } else { header(url_safe('Location: /system_usermanager.php')); diff --git a/src/www/system_usermanager_addprivs.php b/src/www/system_usermanager_addprivs.php index 6bd017f0f..71a2dacdb 100644 --- a/src/www/system_usermanager_addprivs.php +++ b/src/www/system_usermanager_addprivs.php @@ -73,7 +73,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') { $retval = write_config(); $savemsg = get_std_save_message(); - header(url_safe('Location: /system_usermanager.php?act=edit&userid=%s&savemsg=%s', array($userid, $savemsg))); + header(url_safe('Location: /system_usermanager.php?act=edit&userid=%d&savemsg=%s', array($userid, $savemsg))); exit; } elseif ($_POST['input_type'] == 'group' && isset($config['system']['group'][$pconfig['id']]['name'])) { $groupid = $_POST['id'];