From 7fc3ac587a695e48b88b03682f8ac528a64a43f4 Mon Sep 17 00:00:00 2001
From: "Roman Schmerold (BNoiZe)" <bnoize@froxlor.org>
Date: Sun, 5 Jan 2014 22:35:26 +0100
Subject: [PATCH] Redirect to last URL after relogin when session timed out,
 fixes #443

Signed-off-by: Roman Schmerold (BNoiZe) <bnoize@froxlor.org>
---
 admin_settings.php                |  2 +-
 index.php                         | 30 +++++++++++++++++++++++++++---
 lib/init.php                      |  6 +++++-
 templates/Sparkle/login/login.tpl |  2 ++
 4 files changed, 35 insertions(+), 5 deletions(-)

diff --git a/admin_settings.php b/admin_settings.php
index c71a1f89..50d99a4e 100644
--- a/admin_settings.php
+++ b/admin_settings.php
@@ -57,7 +57,7 @@ if ($page == 'overview' && $userinfo['change_serversettings'] == '1') {
 		
 		// check if the session timeout is too low #815
 		if (isset($_POST['session_sessiontimeout'])
-			&& $_POST['session_sessiontimeout'] <= 60
+			&& $_POST['session_sessiontimeout'] < 60
 		) {
 			standard_error($lng['error']['session_timeout'], $lng['error']['session_timeout_desc']);
 		}
diff --git a/index.php b/index.php
index c146aafb..39773305 100644
--- a/index.php
+++ b/index.php
@@ -206,15 +206,29 @@ if ($action == 'login') {
 				);
 			}
 			Database::pexecute($stmt, $params);
-
+			
+			$qryparams = array();
+			if (isset($_POST['qrystr']) && $_POST['qrystr'] != "") {
+				parse_str(urldecode($_POST['qrystr']), $qryparams);
+			}
+			$qryparams['s'] = $s;
+			
 			if ($userinfo['adminsession'] == '1') {
 				if (hasUpdates($version)) {
 					redirectTo('admin_updates.php', array('s' => $s), true);
 				} else {
-					redirectTo('admin_index.php', array('s' => $s), true);
+					if (isset($_POST['script']) && $_POST['script'] != "") {
+						redirectTo($_POST['script'], $qryparams, true);
+					} else {
+						redirectTo('admin_index.php', $qryparams, true);
+					}
 				}
 			} else {
-				redirectTo('customer_index.php', array('s' => $s), true);
+				if (isset($_POST['script']) && $_POST['script'] != "") {
+					redirectTo($_POST['script'], $qryparams, true);
+				} else {
+					redirectTo('customer_index.php', $qryparams, true);
+				}
 			}
 		} else {
 			redirectTo('index.php', array('showmessage' => '2'), true);
@@ -261,6 +275,16 @@ if ($action == 'login') {
 		if (hasUpdates($version)) {
 			$update_in_progress = $lng['update']['updateinprogress_onlyadmincanlogin'];
 		}
+		
+		// Pass the last used page if needed
+		$lastscript = "";
+		if (isset($_REQUEST['script']) && $_REQUEST['script'] != "") {
+			$lastscript = $_REQUEST['script'];
+		}
+		$lastqrystr = "";
+		if (isset($_REQUEST['qrystr']) && $_REQUEST['qrystr'] != "") {
+			$lastqrystr = $_REQUEST['qrystr'];
+		}
 
 		eval("echo \"" . getTemplate('login') . "\";");
 	}
diff --git a/lib/init.php b/lib/init.php
index 3136b27c..bfd3e442 100644
--- a/lib/init.php
+++ b/lib/init.php
@@ -367,7 +367,11 @@ if (file_exists($hl_path.'/logo_custom.png')) {
  */
 if ($nosession == 1 && AREA != 'login') {
 	unset($userinfo);
-	redirectTo('index.php');
+	$params = array(
+		"script" => basename($_SERVER["SCRIPT_NAME"]),
+		"qrystr" => $_SERVER["QUERY_STRING"]
+	);
+	redirectTo('index.php', $params);
 	exit;
 }
 
diff --git a/templates/Sparkle/login/login.tpl b/templates/Sparkle/login/login.tpl
index a9be173e..a7c36d56 100644
--- a/templates/Sparkle/login/login.tpl
+++ b/templates/Sparkle/login/login.tpl
@@ -26,6 +26,8 @@ $header
 
 		<section class="loginsec">
 			<form method="post" action="$filename" enctype="application/x-www-form-urlencoded">
+				<input type="hidden" name="script" value="{$lastscript}" />
+				<input type="hidden" name="qrystr" value="{$lastqrystr}" />
 				<fieldset>
 				<legend>Froxlor&nbsp;-&nbsp;Login</legend>
 				<p>