From: Hendrik B. <nh...@us...> - 2010-06-26 22:00:18
|
Update of /cvsroot/arianne/stendhal_website/content/account In directory sfp-cvsdas-4.v30.ch3.sourceforge.com:/tmp/cvs-serv2269/content/account Modified Files: login.php Log Message: If a user clicks on the login link with a target url and you are already logged in, he will be redirected to the target. This is usefull because the non SSL version of the website does not know about the login state (fixes #3018749) Index: login.php =================================================================== RCS file: /cvsroot/arianne/stendhal_website/content/account/login.php,v retrieving revision 1.10 retrieving revision 1.11 diff -C2 -d -r1.10 -r1.11 *** login.php 21 Jun 2010 19:46:26 -0000 1.10 --- login.php 26 Jun 2010 22:00:10 -0000 1.11 *************** *** 4,7 **** --- 4,11 ---- class LoginPage extends Page { + + public function writeHttpHeader() { + return $this->handleRedirectIfAlreadyLoggedIn(); + } public function writeHtmlHeader() { *************** *** 27,30 **** --- 31,43 ---- } + function handleRedirectIfAlreadyLoggedIn() { + $url = $this->getUrl(); + if ($url != '/' && checkLogin()) { + header('Location: '.STENDHAL_LOGIN_TARGET.$url); + return false; + } + return true; + } + function checkLoginForm() { *************** *** 85,89 **** } ! $url = $_POST['url']; if (!isset($url)) { $url = '/'; --- 98,110 ---- } ! echo "<meta http-equiv=\"Refresh\" content=\"1;url=".htmlspecialchars($this->getUrl())."\">"; ! startBox("Login"); ! echo '<h1>Login correct.</h1> Moving to main page.'; ! endBox(); ! return true; ! } ! ! function getUrl() { ! $url = $_REQUEST['url']; if (!isset($url)) { $url = '/'; *************** *** 92,103 **** $url = '/'.$url; } ! echo "<meta http-equiv=\"Refresh\" content=\"1;url=".htmlspecialchars($url)."\">"; ! startBox("Login"); ! echo '<h1>Login correct.</h1> Moving to main page.'; ! endBox(); ! return true; } - function displayLoginForm() { startBox("Login"); --- 113,123 ---- $url = '/'.$url; } ! // prevent header splitting ! if (strpos($url, '\r') || strpos($url, '\n')) { ! $url = '/'; ! } ! return $url; } function displayLoginForm() { startBox("Login"); |