SquirrelMail

On 10/25/06, Jan Hugo Prins <jhp@...> wrote:
> Hi,
>
> I'm currently setting up squirrelmail for several domains. I do this
> using the vlogin plugin.
> Because we want the user to access the squirrelmail page through SSL we
> have created proxy url's for webmail.domain.com that redirects the
> webmail to
> https://Secure.provider.com/squirrelmail/src/login.php?domain=domain.com.
> In vlogin I have configured this, so the correct vhost configuration is
> interpreted.
>
> This works fine, except for one thing. The moment the users fails his
> login or logs out of squirrelmail he ends up on the redirect link or the
> signout page. The signout page is no problem because I can change this
> for every domain to for example there login page. But the redirect page
> is a bigger problem because on the redirect.php page there is a link to
> login again and this one points to:
> https://Secure.provider.com/squirrelmail/src/login.php
>
> As you can see I've lost the ?domain=domain.com part here so the users
> all get the default site.
>
> Can this be changed somewhere?

http://squirrelmail.org/plugin_view.php?id=246

However, if you want to dynamically build the URI without manually
inserting it in every domain part of the $virtualDomains array, we
might need to figure out a way to allow dynamic code (regexp, etc) in
the value of the custom login URI.  Let me know if this is the case
and I can put something together.

 - paul

Paul Lesniewski wrote:
> On 10/25/06, Jan Hugo Prins <jhp@...> wrote:
>> Hi,
>>
>> I'm currently setting up squirrelmail for several domains. I do this
>> using the vlogin plugin.
>> Because we want the user to access the squirrelmail page through SSL we
>> have created proxy url's for webmail.domain.com that redirects the
>> webmail to
>> https://Secure.provider.com/squirrelmail/src/login.php?domain=domain.com. 
>>
>> In vlogin I have configured this, so the correct vhost configuration is
>> interpreted.
>>
>> This works fine, except for one thing. The moment the users fails his
>> login or logs out of squirrelmail he ends up on the redirect link or the
>> signout page. The signout page is no problem because I can change this
>> for every domain to for example there login page. But the redirect page
>> is a bigger problem because on the redirect.php page there is a link to
>> login again and this one points to:
>> https://Secure.provider.com/squirrelmail/src/login.php
>>
>> As you can see I've lost the ?domain=domain.com part here so the users
>> all get the default site.
>>
>> Can this be changed somewhere?
>
> http://squirrelmail.org/plugin_view.php?id=246
>
> However, if you want to dynamically build the URI without manually
> inserting it in every domain part of the $virtualDomains array, we
> might need to figure out a way to allow dynamic code (regexp, etc) in
> the value of the custom login URI.  Let me know if this is the case
> and I can put something together.
>
> - paul
Als ik dit doe krijg ik de volgende melding als ik probeer te connecten:

The page isn't redirecting properly
Firefox has detected that the server is redirecting the request for this 
address in a way that will never complete.
    *   This problem can sometimes be caused by disabling or refusing to 
accept
          cookies.


Jan Hugo Prins

Jan Hugo Prins wrote:
> Als ik dit doe krijg ik de volgende melding als ik probeer te connecten:
>
> The page isn't redirecting properly
> Firefox has detected that the server is redirecting the request for this 
> address in a way that will never complete.
>     *   This problem can sometimes be caused by disabling or refusing to 
> accept
>           cookies.
>
>
> Jan Hugo Prins
>   

I think the first line might need a little translation ;-) :

If I do this I get the following error messeage if I try to connect:

Jan Hugo

On 10/26/06, Jan Hugo Prins <jhp@...> wrote:
> Jan Hugo Prins wrote:
> > Als ik dit doe krijg ik de volgende melding als ik probeer te connecten:
> >
> > The page isn't redirecting properly
> > Firefox has detected that the server is redirecting the request for this
> > address in a way that will never complete.
> >     *   This problem can sometimes be caused by disabling or refusing to
> > accept
> >           cookies.

How are you configuring the login page URI?  I have just completed a
modification of the plugin to allow dynamic domain replacement, but
did you find a way to do this without needing such functionality?

Paul Lesniewski wrote:
> On 10/26/06, Jan Hugo Prins <jhp@...> wrote:
>> Jan Hugo Prins wrote:
>> > Als ik dit doe krijg ik de volgende melding als ik probeer te 
>> connecten:
>> >
>> > The page isn't redirecting properly
>> > Firefox has detected that the server is redirecting the request for 
>> this
>> > address in a way that will never complete.
>> >     *   This problem can sometimes be caused by disabling or 
>> refusing to
>> > accept
>> >           cookies.
>
> How are you configuring the login page URI?  I have just completed a
> modification of the plugin to allow dynamic domain replacement, but
> did you find a way to do this without needing such functionality?
This is a typical Virtual Domain array as I want to implement it in 
Squirrelmail vlogin.

  $virtualDomains = array(
      'customer.com' => array(
          'domain'     => 'customer.com',
          'org_name'   => 'Better.be BV',
          'provider_uri'     => 'http://www.customer.com/',
          'signout_page'  => 'https://secure.provider.com/customer/',
          'custom_login_URI' => 
'https://secure.provider.com/squirrelmail/src/login.php?domain=customer.com',
          'org_logo'   => SM_PATH . 'images/Customerlogo.gif',
          'org_logo_width'  => '280',
          'org_logo_height' => '70',
          'org_title'  => 'Customre WebMail / SquirrelMail $version',
          'motd'       => '<H1>Customer Webmail</H1>',
          'ldap_server' => array(
                        0 => array(
                    'host' => 'ldaprepl.lan.provider.com',
                    'base' => 'ou=Users,ou=customer,dc=provider,dc=com',
                    'name' => 'Customer Users',
                    )),
          'settingsWithEmbeddedPHP' => array(
                                      )
      )
  );

This are the rewrite rules on the default httpd of the webserver that 
has to handle all this.

    RewriteCond %{HTTP_HOST}    ^webmail[a-zA-Z0-9\.]*
    RewriteRule ^(.+)           %{HTTP_HOST}$1  [C]
    RewriteRule ^webmail[a-zA-Z0-9]*\.([a-zA-Z0-9\.]*)\/(.*) 
https://secure.provider.com/squirrelmail/src/login.php?domain=$1

    RewriteCond %{HTTP_HOST}    ^squirrel[a-zA-Z0-9\.]*
    RewriteRule ^(.+)           %{HTTP_HOST}$1  [C]
    RewriteRule ^squirrel[a-zA-Z0-9]*\.([a-zA-Z0-9\.]*)\/(.*) 
https://secure.provider.com/squirrelmail/src/login.php?domain=$1

On 10/26/06, Jan Hugo Prins <jhp@...> wrote:
> Paul Lesniewski wrote:
> > On 10/26/06, Jan Hugo Prins <jhp@...> wrote:
> >> Jan Hugo Prins wrote:
> >> > Als ik dit doe krijg ik de volgende melding als ik probeer te
> >> connecten:
> >> >
> >> > The page isn't redirecting properly
> >> > Firefox has detected that the server is redirecting the request for
> >> this
> >> > address in a way that will never complete.
> >> >     *   This problem can sometimes be caused by disabling or
> >> refusing to
> >> > accept
> >> >           cookies.
> >
> > How are you configuring the login page URI?  I have just completed a
> > modification of the plugin to allow dynamic domain replacement, but
> > did you find a way to do this without needing such functionality?
> This is a typical Virtual Domain array as I want to implement it in
> Squirrelmail vlogin.
>
>   $virtualDomains = array(
>       'customer.com' => array(
>           'domain'     => 'customer.com',
>           'org_name'   => 'Better.be BV',
>           'provider_uri'     => 'http://www.customer.com/',
>           'signout_page'  => 'https://secure.provider.com/customer/',
>           'custom_login_URI' =>
> 'https://secure.provider.com/squirrelmail/src/login.php?domain=customer.com',
>           'org_logo'   => SM_PATH . 'images/Customerlogo.gif',
>           'org_logo_width'  => '280',
>           'org_logo_height' => '70',
>           'org_title'  => 'Customre WebMail / SquirrelMail $version',
>           'motd'       => '<H1>Customer Webmail</H1>',
>           'ldap_server' => array(
>                         0 => array(
>                     'host' => 'ldaprepl.lan.provider.com',
>                     'base' => 'ou=Users,ou=customer,dc=provider,dc=com',
>                     'name' => 'Customer Users',
>                     )),
>           'settingsWithEmbeddedPHP' => array(
>                                       )
>       )
>   );
>
> This are the rewrite rules on the default httpd of the webserver that
> has to handle all this.
>
>     RewriteCond %{HTTP_HOST}    ^webmail[a-zA-Z0-9\.]*
>     RewriteRule ^(.+)           %{HTTP_HOST}$1  [C]
>     RewriteRule ^webmail[a-zA-Z0-9]*\.([a-zA-Z0-9\.]*)\/(.*)
> https://secure.provider.com/squirrelmail/src/login.php?domain=$1
>
>     RewriteCond %{HTTP_HOST}    ^squirrel[a-zA-Z0-9\.]*
>     RewriteRule ^(.+)           %{HTTP_HOST}$1  [C]
>     RewriteRule ^squirrel[a-zA-Z0-9]*\.([a-zA-Z0-9\.]*)\/(.*)
> https://secure.provider.com/squirrelmail/src/login.php?domain=$1

Can you make it work by temporarily removing the rewrite rules?  Can
you see what is causing the Firefox error at all?

Paul Lesniewski wrote:
> On 10/26/06, Jan Hugo Prins <jhp@...> wrote:
>   
>> Paul Lesniewski wrote:
>>     
>>> On 10/26/06, Jan Hugo Prins <jhp@...> wrote:
>>>       
>>>> Jan Hugo Prins wrote:
>>>>         
>>>>> Als ik dit doe krijg ik de volgende melding als ik probeer te
>>>>>           
>>>> connecten:
>>>>         
>>>>> The page isn't redirecting properly
>>>>> Firefox has detected that the server is redirecting the request for
>>>>>           
>>>> this
>>>>         
>>>>> address in a way that will never complete.
>>>>>     *   This problem can sometimes be caused by disabling or
>>>>>           
>>>> refusing to
>>>>         
>>>>> accept
>>>>>           cookies.
>>>>>           
>>> How are you configuring the login page URI?  I have just completed a
>>> modification of the plugin to allow dynamic domain replacement, but
>>> did you find a way to do this without needing such functionality?
>>>       
>> This is a typical Virtual Domain array as I want to implement it in
>> Squirrelmail vlogin.
>>
>>   $virtualDomains = array(
>>       'customer.com' => array(
>>           'domain'     => 'customer.com',
>>           'org_name'   => 'Better.be BV',
>>           'provider_uri'     => 'http://www.customer.com/',
>>           'signout_page'  => 'https://secure.provider.com/customer/',
>>           'custom_login_URI' =>
>> 'https://secure.provider.com/squirrelmail/src/login.php?domain=customer.com',
>>           'org_logo'   => SM_PATH . 'images/Customerlogo.gif',
>>           'org_logo_width'  => '280',
>>           'org_logo_height' => '70',
>>           'org_title'  => 'Customre WebMail / SquirrelMail $version',
>>           'motd'       => '<H1>Customer Webmail</H1>',
>>           'ldap_server' => array(
>>                         0 => array(
>>                     'host' => 'ldaprepl.lan.provider.com',
>>                     'base' => 'ou=Users,ou=customer,dc=provider,dc=com',
>>                     'name' => 'Customer Users',
>>                     )),
>>           'settingsWithEmbeddedPHP' => array(
>>                                       )
>>       )
>>   );
>>
>> This are the rewrite rules on the default httpd of the webserver that
>> has to handle all this.
>>
>>     RewriteCond %{HTTP_HOST}    ^webmail[a-zA-Z0-9\.]*
>>     RewriteRule ^(.+)           %{HTTP_HOST}$1  [C]
>>     RewriteRule ^webmail[a-zA-Z0-9]*\.([a-zA-Z0-9\.]*)\/(.*)
>> https://secure.provider.com/squirrelmail/src/login.php?domain=$1
>>
>>     RewriteCond %{HTTP_HOST}    ^squirrel[a-zA-Z0-9\.]*
>>     RewriteRule ^(.+)           %{HTTP_HOST}$1  [C]
>>     RewriteRule ^squirrel[a-zA-Z0-9]*\.([a-zA-Z0-9\.]*)\/(.*)
>> https://secure.provider.com/squirrelmail/src/login.php?domain=$1
>>     
>
> Can you make it work by temporarily removing the rewrite rules?  Can
> you see what is causing the Firefox error at all?
>   
I have removed the rewrite rules in httpd and this does not make any 
difference.

For the rest, if I enable the plugin and don't configure any 
custom_login_URI all the Squirrelmails break.
I have put a config.php in the login_redirect directory containing just 
the following:

<?php

global $custom_login_URI;



// This is the URI to your custom login page
//
// Note that if you use the Virtual Host Login
// (vlogin) plugin, you may configure this
// setting on a per-domain basis by using the
// "login_redirect_custom_login_URI" setting
// in vlogin's configuration and leave this
// blank:
//
//$custom_login_URI = 'http://mydomain.portal.custom/mail_login.html';



?>

On 10/26/06, Jan Hugo Prins <jhp@...> wrote:
> Paul Lesniewski wrote:
> > On 10/26/06, Jan Hugo Prins <jhp@...> wrote:
> >
> >> Paul Lesniewski wrote:
> >>
> >>> On 10/26/06, Jan Hugo Prins <jhp@...> wrote:
> >>>
> >>>> Jan Hugo Prins wrote:
> >>>>
> >>>>> Als ik dit doe krijg ik de volgende melding als ik probeer te
> >>>>>
> >>>> connecten:
> >>>>
> >>>>> The page isn't redirecting properly
> >>>>> Firefox has detected that the server is redirecting the request for
> >>>>>
> >>>> this
> >>>>
> >>>>> address in a way that will never complete.
> >>>>>     *   This problem can sometimes be caused by disabling or
> >>>>>
> >>>> refusing to
> >>>>
> >>>>> accept
> >>>>>           cookies.
> >>>>>
> >>> How are you configuring the login page URI?  I have just completed a
> >>> modification of the plugin to allow dynamic domain replacement, but
> >>> did you find a way to do this without needing such functionality?
> >>>
> >> This is a typical Virtual Domain array as I want to implement it in
> >> Squirrelmail vlogin.
> >>
> >>   $virtualDomains = array(
> >>       'customer.com' => array(
> >>           'domain'     => 'customer.com',
> >>           'org_name'   => 'Better.be BV',
> >>           'provider_uri'     => 'http://www.customer.com/',
> >>           'signout_page'  => 'https://secure.provider.com/customer/',
> >>           'custom_login_URI' =>
> >> 'https://secure.provider.com/squirrelmail/src/login.php?domain=customer.com',
> >>           'org_logo'   => SM_PATH . 'images/Customerlogo.gif',
> >>           'org_logo_width'  => '280',
> >>           'org_logo_height' => '70',
> >>           'org_title'  => 'Customre WebMail / SquirrelMail $version',
> >>           'motd'       => '<H1>Customer Webmail</H1>',
> >>           'ldap_server' => array(
> >>                         0 => array(
> >>                     'host' => 'ldaprepl.lan.provider.com',
> >>                     'base' => 'ou=Users,ou=customer,dc=provider,dc=com',
> >>                     'name' => 'Customer Users',
> >>                     )),
> >>           'settingsWithEmbeddedPHP' => array(
> >>                                       )
> >>       )
> >>   );
> >>
> >> This are the rewrite rules on the default httpd of the webserver that
> >> has to handle all this.
> >>
> >>     RewriteCond %{HTTP_HOST}    ^webmail[a-zA-Z0-9\.]*
> >>     RewriteRule ^(.+)           %{HTTP_HOST}$1  [C]
> >>     RewriteRule ^webmail[a-zA-Z0-9]*\.([a-zA-Z0-9\.]*)\/(.*)
> >> https://secure.provider.com/squirrelmail/src/login.php?domain=$1
> >>
> >>     RewriteCond %{HTTP_HOST}    ^squirrel[a-zA-Z0-9\.]*
> >>     RewriteRule ^(.+)           %{HTTP_HOST}$1  [C]
> >>     RewriteRule ^squirrel[a-zA-Z0-9]*\.([a-zA-Z0-9\.]*)\/(.*)
> >> https://secure.provider.com/squirrelmail/src/login.php?domain=$1
> >>
> >
> > Can you make it work by temporarily removing the rewrite rules?  Can
> > you see what is causing the Firefox error at all?
> >
> I have removed the rewrite rules in httpd and this does not make any
> difference.
>
> For the rest, if I enable the plugin and don't configure any
> custom_login_URI all the Squirrelmails break.

See below.

> I have put a config.php in the login_redirect directory containing just
> the following:

You don't need to have a config file at all if you only use vlogin to
change the URIs.

The problem that I neglected to mention is that the plugin fires on a
hook in the login page, so you get an endless loop.  It was originally
intended to point the browser to a custom page without that hook in
it.  I have now changed the plugin so that it will NOT redirect if the
target URI is the same as the current one.  Sending offlist.

-paul

Paul Lesniewski wrote:
> You don't need to have a config file at all if you only use vlogin to
> change the URIs.
>
> The problem that I neglected to mention is that the plugin fires on a
> hook in the login page, so you get an endless loop.  It was originally
> intended to point the browser to a custom page without that hook in
> it.  I have now changed the plugin so that it will NOT redirect if the
> target URI is the same as the current one.  Sending offlist.
>
> -paul
>
>   

I have just tested the changed plugin and it does not make any difference.

Jan Hugo

After some offlist discussion, bringing this back onlist.

> > >> > >> >> >> > The problem that I neglected to mention is that the
> > >> plugin fires
> > >> > >> >> on a
> > >> > >> >> >> > hook in the login page, so you get an endless loop.  It was
> > >> > >> >> originally
> > >> > >> >> >> > intended to point the browser to a custom page without that
> > >> > >> hook in
> > >> > >> >> >> > it.  I have now changed the plugin so that it will NOT
> > >> redirect
> > >> > >> >> if the
> > >> > >> >> >> > target URI is the same as the current one.  Sending
> > >> offlist.

> > > Wait, you mean on the error page?  The point is supposed to be that it
> > > is fixed on the login page instead.  Do you lose too much context in
> > > the error page uri ?
> > I think your plugin should overrule the  sqm_baseuri function that is
> > defined in strings.php. I think that that is the only way to get the URL
> > right on every location that it is used. Something like sqm_baseuri =
> > custom_login_URI
>
> There is no hook there, and I don't think any need to do that.  It's
> definitely not related to the job of this plugin.  Instead, as I
> mentioned in my last email, try setting "base_uri" in vlogin *instead*
> of the custom login URI.  If that does not work, it also might be very
> possible to get it to work by setting "config_location_base" in
> vlogin.
>
> Oh, wait, I just looked at 1.4.8 and it's not got the flexibility that
> 1.5.2 does.  Ugh.  Try setting "base_uri" in vlogin (you are using
> $useSessionBased in vlogin, right?), and if that doesn't work, we will
> have to hack the source for you.

Without feedback from Jan yet, my tentative tests showed that this
will not work (using vlogin to override "base_uri").  Instead, I have
proposed a slight change to the logout_error hook for the STABLE
stream, which should be applied as follows:

diff -u -r1.57.2.22 display_messages.php
--- functions/display_messages.php      14 May 2006 17:45:29 -0000
 1.57.2.22
+++ functions/display_messages.php      27 Oct 2006 04:09:02 -0000
@@ -71,7 +71,10 @@
         $color[8]  = '#000000';  /* black         Normal text            */
     }

-    list($junk, $errString, $errTitle) = do_hook('logout_error',
$errString, $errTitle);
+    $logout_link = $base_uri . 'src/login.php';
+
+    list($junk, $errString, $errTitle, $logout_link)
+        = do_hook('logout_error', $errString, $errTitle, $logout_link);

     if ( $errTitle == '' ) {
         $errTitle = $errString;
@@ -99,7 +102,7 @@
          '<tr><td align="center">' . $errString . '</td></tr>'.
          '<tr><td bgcolor="'.$color[0].'" align="center">'.
          '<font color="'.$color[2].'"><b>'.
-         '<a href="'.$base_uri.'src/login.php" target="'.$frame_top.'">'.
+         '<a href="'.$logout_link.'" target="'.$frame_top.'">'.
          _("Go to the login page") . '</a></b></font></td></tr>'.
          '</table></td></tr></table></center></body></html>';
 }


Then use the latest version of login_redirect plugin which I will send
offlist as needed.

 - Paul

Paul Lesniewski wrote:
> Without feedback from Jan yet, my tentative tests showed that this
> will not work (using vlogin to override "base_uri").  Instead, I have
> proposed a slight change to the logout_error hook for the STABLE
> stream, which should be applied as follows:
>
> diff -u -r1.57.2.22 display_messages.php
> --- functions/display_messages.php      14 May 2006 17:45:29 -0000
> 1.57.2.22
> +++ functions/display_messages.php      27 Oct 2006 04:09:02 -0000
> @@ -71,7 +71,10 @@
>         $color[8]  = '#000000';  /* black         Normal 
> text            */
>     }
>
> -    list($junk, $errString, $errTitle) = do_hook('logout_error',
> $errString, $errTitle);
> +    $logout_link = $base_uri . 'src/login.php';
> +
> +    list($junk, $errString, $errTitle, $logout_link)
> +        = do_hook('logout_error', $errString, $errTitle, $logout_link);
>
>     if ( $errTitle == '' ) {
>         $errTitle = $errString;
> @@ -99,7 +102,7 @@
>          '<tr><td align="center">' . $errString . '</td></tr>'.
>          '<tr><td bgcolor="'.$color[0].'" align="center">'.
>          '<font color="'.$color[2].'"><b>'.
> -         '<a href="'.$base_uri.'src/login.php" 
> target="'.$frame_top.'">'.
> +         '<a href="'.$logout_link.'" target="'.$frame_top.'">'.
>          _("Go to the login page") . '</a></b></font></td></tr>'.
>          '</table></td></tr></table></center></body></html>';
> }
>
>
> Then use the latest version of login_redirect plugin which I will send
> offlist as needed.
>
> - Paul

Hi Paul,

It took a little bit of time because I was busy with all kinds of other 
stuff, but it looks like everything is for the most part OK now.
The only thing that still fails is when I log out en for some reason 
press the back button on my browser. You end up on the error page 
telling you that you are not authorized to view that page, including a 
link to the login page and this login page is still without the ?domain 
part in it.

Jan Hugo Prins

On 10/31/06, Jan Hugo Prins <jhp@...> wrote:
> Paul Lesniewski wrote:
> > Without feedback from Jan yet, my tentative tests showed that this
> > will not work (using vlogin to override "base_uri").  Instead, I have
> > proposed a slight change to the logout_error hook for the STABLE
> > stream, which should be applied as follows:
> >
> > diff -u -r1.57.2.22 display_messages.php
> > --- functions/display_messages.php      14 May 2006 17:45:29 -0000
> > 1.57.2.22
> > +++ functions/display_messages.php      27 Oct 2006 04:09:02 -0000
> > @@ -71,7 +71,10 @@
> >         $color[8]  = '#000000';  /* black         Normal
> > text            */
> >     }
> >
> > -    list($junk, $errString, $errTitle) = do_hook('logout_error',
> > $errString, $errTitle);
> > +    $logout_link = $base_uri . 'src/login.php';
> > +
> > +    list($junk, $errString, $errTitle, $logout_link)
> > +        = do_hook('logout_error', $errString, $errTitle, $logout_link);
> >
> >     if ( $errTitle == '' ) {
> >         $errTitle = $errString;
> > @@ -99,7 +102,7 @@
> >          '<tr><td align="center">' . $errString . '</td></tr>'.
> >          '<tr><td bgcolor="'.$color[0].'" align="center">'.
> >          '<font color="'.$color[2].'"><b>'.
> > -         '<a href="'.$base_uri.'src/login.php"
> > target="'.$frame_top.'">'.
> > +         '<a href="'.$logout_link.'" target="'.$frame_top.'">'.
> >          _("Go to the login page") . '</a></b></font></td></tr>'.
> >          '</table></td></tr></table></center></body></html>';
> > }
> >
> >
> > Then use the latest version of login_redirect plugin which I will send
> > offlist as needed.
> >
> > - Paul
>
> Hi Paul,
>
> It took a little bit of time because I was busy with all kinds of other
> stuff, but it looks like everything is for the most part OK now.
> The only thing that still fails is when I log out en for some reason
> press the back button on my browser. You end up on the error page
> telling you that you are not authorized to view that page, including a
> link to the login page and this login page is still without the ?domain
> part in it.

At that point, there is no session associated with your browser, and
thus no way to know which domain's login page link should be shown.
I'm not in a position to think this through at the moment, but maybe
it would be possible to re-parse the domain in the address bar and
re-associate the correct login screen?  Does the address the the addr
bar have enough info for that?

On 10/31/06, Paul Lesniewski <paul@...> wrote:
> On 10/31/06, Jan Hugo Prins <jhp@...> wrote:
> > Paul Lesniewski wrote:
> > > Without feedback from Jan yet, my tentative tests showed that this
> > > will not work (using vlogin to override "base_uri").  Instead, I have
> > > proposed a slight change to the logout_error hook for the STABLE
> > > stream, which should be applied as follows:
> > >
> > > diff -u -r1.57.2.22 display_messages.php
> > > --- functions/display_messages.php      14 May 2006 17:45:29 -0000
> > > 1.57.2.22
> > > +++ functions/display_messages.php      27 Oct 2006 04:09:02 -0000
> > > @@ -71,7 +71,10 @@
> > >         $color[8]  = '#000000';  /* black         Normal
> > > text            */
> > >     }
> > >
> > > -    list($junk, $errString, $errTitle) = do_hook('logout_error',
> > > $errString, $errTitle);
> > > +    $logout_link = $base_uri . 'src/login.php';
> > > +
> > > +    list($junk, $errString, $errTitle, $logout_link)
> > > +        = do_hook('logout_error', $errString, $errTitle, $logout_link);
> > >
> > >     if ( $errTitle == '' ) {
> > >         $errTitle = $errString;
> > > @@ -99,7 +102,7 @@
> > >          '<tr><td align="center">' . $errString . '</td></tr>'.
> > >          '<tr><td bgcolor="'.$color[0].'" align="center">'.
> > >          '<font color="'.$color[2].'"><b>'.
> > > -         '<a href="'.$base_uri.'src/login.php"
> > > target="'.$frame_top.'">'.
> > > +         '<a href="'.$logout_link.'" target="'.$frame_top.'">'.
> > >          _("Go to the login page") . '</a></b></font></td></tr>'.
> > >          '</table></td></tr></table></center></body></html>';
> > > }
> > >
> > >
> > > Then use the latest version of login_redirect plugin which I will send
> > > offlist as needed.
> > >
> > > - Paul
> >
> > Hi Paul,
> >
> > It took a little bit of time because I was busy with all kinds of other
> > stuff, but it looks like everything is for the most part OK now.
> > The only thing that still fails is when I log out en for some reason
> > press the back button on my browser. You end up on the error page
> > telling you that you are not authorized to view that page, including a
> > link to the login page and this login page is still without the ?domain
> > part in it.

I have what I think is a fix for this.  I have fixed 1.5.2cvs to
accomodate dynamic configuration for the login link, but I don't
anticipate that this is the kind of change that we will be wanting to
backport to 1.4.x, but don't fear, I have included a patch in the
newest version of login_redirect to fix this issue for people in your
situation.  Will send new versions of login_redirect and vlogin
offlist.  Install those and apply the patch that comes with login
redirect (instructions in the INSTALL file) and let me know.

- paul