Redirect to last URL after relogin when session timed out, fixes #443
Signed-off-by: Roman Schmerold (BNoiZe) <bnoize@froxlor.org>
This commit is contained in:
Roman Schmerold (BNoiZe)
@@ -57,7 +57,7 @@ if ($page == 'overview' && $userinfo['change_serversettings'] == '1') {
|
||||
|
||||
// check if the session timeout is too low #815
|
||||
if (isset($_POST['session_sessiontimeout'])
|
||||
&& $_POST['session_sessiontimeout'] <= 60
|
||||
&& $_POST['session_sessiontimeout'] < 60
|
||||
) {
|
||||
standard_error($lng['error']['session_timeout'], $lng['error']['session_timeout_desc']);
|
||||
}
|
||||
|
||||
30
index.php
30
index.php
@@ -206,15 +206,29 @@ if ($action == 'login') {
|
||||
);
|
||||
}
|
||||
Database::pexecute($stmt, $params);
|
||||
|
||||
|
||||
$qryparams = array();
|
||||
if (isset($_POST['qrystr']) && $_POST['qrystr'] != "") {
|
||||
parse_str(urldecode($_POST['qrystr']), $qryparams);
|
||||
}
|
||||
$qryparams['s'] = $s;
|
||||
|
||||
if ($userinfo['adminsession'] == '1') {
|
||||
if (hasUpdates($version)) {
|
||||
redirectTo('admin_updates.php', array('s' => $s), true);
|
||||
} else {
|
||||
redirectTo('admin_index.php', array('s' => $s), true);
|
||||
if (isset($_POST['script']) && $_POST['script'] != "") {
|
||||
redirectTo($_POST['script'], $qryparams, true);
|
||||
} else {
|
||||
redirectTo('admin_index.php', $qryparams, true);
|
||||
}
|
||||
}
|
||||
} else {
|
||||
redirectTo('customer_index.php', array('s' => $s), true);
|
||||
if (isset($_POST['script']) && $_POST['script'] != "") {
|
||||
redirectTo($_POST['script'], $qryparams, true);
|
||||
} else {
|
||||
redirectTo('customer_index.php', $qryparams, true);
|
||||
}
|
||||
}
|
||||
} else {
|
||||
redirectTo('index.php', array('showmessage' => '2'), true);
|
||||
@@ -261,6 +275,16 @@ if ($action == 'login') {
|
||||
if (hasUpdates($version)) {
|
||||
$update_in_progress = $lng['update']['updateinprogress_onlyadmincanlogin'];
|
||||
}
|
||||
|
||||
// Pass the last used page if needed
|
||||
$lastscript = "";
|
||||
if (isset($_REQUEST['script']) && $_REQUEST['script'] != "") {
|
||||
$lastscript = $_REQUEST['script'];
|
||||
}
|
||||
$lastqrystr = "";
|
||||
if (isset($_REQUEST['qrystr']) && $_REQUEST['qrystr'] != "") {
|
||||
$lastqrystr = $_REQUEST['qrystr'];
|
||||
}
|
||||
|
||||
eval("echo \"" . getTemplate('login') . "\";");
|
||||
}
|
||||
|
||||
@@ -367,7 +367,11 @@ if (file_exists($hl_path.'/logo_custom.png')) {
|
||||
*/
|
||||
if ($nosession == 1 && AREA != 'login') {
|
||||
unset($userinfo);
|
||||
redirectTo('index.php');
|
||||
$params = array(
|
||||
"script" => basename($_SERVER["SCRIPT_NAME"]),
|
||||
"qrystr" => $_SERVER["QUERY_STRING"]
|
||||
);
|
||||
redirectTo('index.php', $params);
|
||||
exit;
|
||||
}
|
||||
|
||||
|
||||
2
templates/Sparkle/login/login.tpl
vendored
2
templates/Sparkle/login/login.tpl
vendored
@@ -26,6 +26,8 @@ $header
|
||||
|
||||
<section class="loginsec">
|
||||
<form method="post" action="$filename" enctype="application/x-www-form-urlencoded">
|
||||
<input type="hidden" name="script" value="{$lastscript}" />
|
||||
<input type="hidden" name="qrystr" value="{$lastqrystr}" />
|
||||
<fieldset>
|
||||
<legend>Froxlor - Login</legend>
|
||||
<p>
|
||||
|
||||
Reference in New Issue
Block a user