From b7481096c8921801d3632d16343150a17e349b35 Mon Sep 17 00:00:00 2001
From: chinpei215 <chinpei215@hotmail.com>
Date: Sun, 4 Dec 2016 20:06:24 +0900
Subject: [PATCH 1/2] Fix redirectUrl issue when loginRedirect is empty

Fixes #9819
---
 lib/Cake/Controller/Component/AuthComponent.php     |  3 +++
 .../Case/Controller/Component/AuthComponentTest.php | 13 +++++++++++++
 2 files changed, 16 insertions(+)

diff --git a/lib/Cake/Controller/Component/AuthComponent.php b/lib/Cake/Controller/Component/AuthComponent.php
index 3e62e2cc9..29a0e49b3 100644
--- a/lib/Cake/Controller/Component/AuthComponent.php
+++ b/lib/Cake/Controller/Component/AuthComponent.php
@@ -742,6 +742,9 @@ class AuthComponent extends Component {
 
 			if (Router::normalize($redir) === Router::normalize($this->loginAction)) {
 				$redir = $this->loginRedirect;
+				if (!$redir) {
+					$redir = '/';
+				}
 			}
 		} elseif ($this->loginRedirect) {
 			$redir = $this->loginRedirect;
diff --git a/lib/Cake/Test/Case/Controller/Component/AuthComponentTest.php b/lib/Cake/Test/Case/Controller/Component/AuthComponentTest.php
index 4514e5ec8..e8f674e77 100644
--- a/lib/Cake/Test/Case/Controller/Component/AuthComponentTest.php
+++ b/lib/Cake/Test/Case/Controller/Component/AuthComponentTest.php
@@ -1652,6 +1652,19 @@ class AuthComponentTest extends CakeTestCase {
 		Router::reload();
 	}
 
+/**
+ * Test that redirectUrl() returns '/' if loginRedirect is empty
+ * and Auth.redirect is the login page.
+ *
+ * @return void
+ */
+	public function testRedirectUrlWithoutLoginRedirect() {
+		$this->Auth->Session->write('Auth.redirect', '/users/login');
+		$this->Auth->request->addParams(Router::parse('/users/login'));
+		$result = $this->Auth->redirectUrl();
+		$this->assertEquals('/', $result);
+	}
+
 /**
  * test password hashing
  *

From 26731b93bf972c041f1c4bc9a1816fcbafd48eaa Mon Sep 17 00:00:00 2001
From: chinpei215 <chinpei215@hotmail.com>
Date: Sun, 4 Dec 2016 21:55:29 +0900
Subject: [PATCH 2/2] Use ternary operator

---
 lib/Cake/Controller/Component/AuthComponent.php              | 5 +----
 .../Test/Case/Controller/Component/AuthComponentTest.php     | 1 +
 2 files changed, 2 insertions(+), 4 deletions(-)

diff --git a/lib/Cake/Controller/Component/AuthComponent.php b/lib/Cake/Controller/Component/AuthComponent.php
index 29a0e49b3..54e7034ab 100644
--- a/lib/Cake/Controller/Component/AuthComponent.php
+++ b/lib/Cake/Controller/Component/AuthComponent.php
@@ -741,10 +741,7 @@ class AuthComponent extends Component {
 			$this->Session->delete('Auth.redirect');
 
 			if (Router::normalize($redir) === Router::normalize($this->loginAction)) {
-				$redir = $this->loginRedirect;
-				if (!$redir) {
-					$redir = '/';
-				}
+				$redir = $this->loginRedirect ?: '/';
 			}
 		} elseif ($this->loginRedirect) {
 			$redir = $this->loginRedirect;
diff --git a/lib/Cake/Test/Case/Controller/Component/AuthComponentTest.php b/lib/Cake/Test/Case/Controller/Component/AuthComponentTest.php
index e8f674e77..5da15d1e9 100644
--- a/lib/Cake/Test/Case/Controller/Component/AuthComponentTest.php
+++ b/lib/Cake/Test/Case/Controller/Component/AuthComponentTest.php
@@ -1659,6 +1659,7 @@ class AuthComponentTest extends CakeTestCase {
  * @return void
  */
 	public function testRedirectUrlWithoutLoginRedirect() {
+		$this->Auth->loginRedirect = null;
 		$this->Auth->Session->write('Auth.redirect', '/users/login');
 		$this->Auth->request->addParams(Router::parse('/users/login'));
 		$result = $this->Auth->redirectUrl();