diff options
-rw-r--r-- | web/html/login.php | 5 | ||||
-rw-r--r-- | web/lib/acctfuncs.inc.php | 7 |
2 files changed, 11 insertions, 1 deletions
diff --git a/web/html/login.php b/web/html/login.php index f898a578..ab7bac9e 100644 --- a/web/html/login.php +++ b/web/html/login.php @@ -42,6 +42,11 @@ html_header('AUR ' . __("Login")); <p> <input type="submit" class="button" value="<?php print __("Login"); ?>" /> <a href="<?= get_uri('/passreset/') ?>">[<?= __('Forgot Password') ?>]</a> + <?php if (in_request('referer') !== ""): ?> + <input id="id_referer" type="hidden" name="referer" value="<?= in_request('referer') ?>" /> + <?php elseif (isset($_SERVER['HTTP_REFERER'])): ?> + <input id="id_referer" type="hidden" name="referer" value="<?= htmlspecialchars($_SERVER['HTTP_REFERER'], ENT_QUOTES) ?>" /> + <?php endif; ?> </p> </fieldset> </form> diff --git a/web/lib/acctfuncs.inc.php b/web/lib/acctfuncs.inc.php index 993cd346..6b7d2275 100644 --- a/web/lib/acctfuncs.inc.php +++ b/web/lib/acctfuncs.inc.php @@ -544,7 +544,12 @@ function try_login() { } setcookie("AURSID", $new_sid, $cookie_time, "/", null, !empty($_SERVER['HTTPS']), true); - header("Location: " . get_uri('/')); + + $referer = in_request('referer'); + if (strpos($referer, aur_location()) !== 0) { + $referer = '/'; + } + header("Location: " . get_uri($referer)); $login_error = ""; } |