summaryrefslogtreecommitdiffstats
path: root/application
diff options
context:
space:
mode:
authorFlorian Pritz <bluewind@xinu.at>2015-08-18 22:01:18 +0200
committerFlorian Pritz <bluewind@xinu.at>2015-08-18 22:01:18 +0200
commit1c247bc4073451ad156ecedfbd2f7ebe73b56c12 (patch)
tree522b1527126d4b687229fb3e2c50a3c052f4f310 /application
parentf0dd547bd84b4461cdab8d7d556bdb275bf4864a (diff)
Fix redirect URI when using multiple tabs
If we store only the last called URI in the session we can't support multiple browser tabs that all need to log in again. Fix this by storing the URI in the URL. Also change a trim() to ltrim() so that the URI string we store keeps it's trailing slash. Signed-off-by: Florian Pritz <bluewind@xinu.at>
Diffstat (limited to 'application')
-rw-r--r--application/controllers/user.php19
-rw-r--r--application/models/muser.php12
-rw-r--r--application/views/header.php2
-rw-r--r--application/views/user/login.php2
4 files changed, 14 insertions, 21 deletions
diff --git a/application/controllers/user.php b/application/controllers/user.php
index b432cba5e..eca0b7da3 100644
--- a/application/controllers/user.php
+++ b/application/controllers/user.php
@@ -44,8 +44,18 @@ class User extends MY_Controller {
function login()
{
+ $redirect_uri = $this->input->get("redirect_uri");
$this->muser->require_session();
- $this->session->keep_flashdata("uri");
+
+ if (!preg_match('/^[0-9a-zA-Z\/_]*$/', $redirect_uri)) {
+ $redirect_uri = '/';
+ }
+
+ if ($this->muser->logged_in()) {
+ redirect($redirect_uri);
+ }
+
+ $this->data['redirect_uri'] = $redirect_uri;
if ($this->input->post('process') !== false) {
$username = $this->input->post('username');
@@ -59,12 +69,7 @@ class User extends MY_Controller {
$this->load->view($this->var->view_dir.'login', $this->data);
$this->load->view('footer', $this->data);
} else {
- $uri = $this->session->flashdata("uri");
- if ($uri) {
- redirect($uri);
- } else {
- redirect("/");
- }
+ redirect($redirect_uri);
}
} else {
$this->load->view('header', $this->data);
diff --git a/application/models/muser.php b/application/models/muser.php
index 4d183c5a6..200390358 100644
--- a/application/models/muser.php
+++ b/application/models/muser.php
@@ -18,10 +18,6 @@ class Muser extends CI_Model {
{
parent::__construct();
- if ($this->has_session() && !$this->logged_in()) {
- $this->session->keep_flashdata("uri");
- }
-
$this->load->helper("filebin");
$this->load->driver("duser");
}
@@ -184,14 +180,6 @@ class Muser extends CI_Model {
return $this->check_access_level($wanted_level);
}
- if (stateful_client()) {
- // desktop clients get redirected to the login form
- $this->require_session();
- if (!$this->session->userdata("flash:new:uri")) {
- $this->session->set_flashdata("uri", $this->uri->uri_string());
- }
- }
-
throw new \exceptions\NotAuthenticatedException("api/not-authenticated", "Not authenticated. FileBin requires you to have an account, please go to the homepage for more information.");
}
diff --git a/application/views/header.php b/application/views/header.php
index 081f91820..6332382b2 100644
--- a/application/views/header.php
+++ b/application/views/header.php
@@ -77,7 +77,7 @@ if (is_cli_client() && !isset($force_full_html)) {
<?php if(auth_driver_function_implemented("can_reset_password")) { ?>
<p><?php echo anchor("user/reset_password", "Forgot your password?"); ?></p>
<?php } ?>
- <?php echo form_open("user/login", array("class" => "form-signin")); ?>
+ <?php echo form_open("user/login?redirect_uri=".get_instance()->uri->uri_string(), array("class" => "form-signin")); ?>
<input type="text" name="username" placeholder="Username" class="form-control">
<input type="password" name="password" placeholder="Password" class="form-control">
<button type="submit" name="process" class="btn btn-default btn-block">Login</button>
diff --git a/application/views/user/login.php b/application/views/user/login.php
index 3e30d53bd..5b2067bb0 100644
--- a/application/views/user/login.php
+++ b/application/views/user/login.php
@@ -3,7 +3,7 @@ if (isset($login_error)) { ?>
<div class="alert alert-danger">The entered credentials are invalid.</div>
<?php } ?>
-<?php echo form_open('user/login', array("class" => "form-horizontal login-page")); ?>
+<?php echo form_open("user/login?redirect_uri=$redirect_uri", array("class" => "form-horizontal login-page")); ?>
<div class="form-group">
<label class="control-label" for="inputUsername">Username</label>
<div class="controls">