-rw-r--r-- | application/controllers/user.php | 19 | ||||
-rw-r--r-- | application/models/muser.php | 12 | ||||
-rw-r--r-- | application/views/header.php | 2 | ||||
-rw-r--r-- | application/views/user/login.php | 2 | ||||
-rw-r--r-- | public_html/index.php | 7 | ||||
-rw-r--r-- | system/core/Config.php | 2 |
6 files changed, 21 insertions, 23 deletions
diff --git a/application/controllers/user.php b/application/controllers/user.php index b432cba5e..eca0b7da3 100644 --- a/application/controllers/user.php +++ b/application/controllers/user.php @@ -44,8 +44,18 @@ class User extends MY_Controller { function login() { + $redirect_uri = $this->input->get("redirect_uri"); $this->muser->require_session(); - $this->session->keep_flashdata("uri"); + + if (!preg_match('/^[0-9a-zA-Z\/_]*$/', $redirect_uri)) { + $redirect_uri = '/'; + } + + if ($this->muser->logged_in()) { + redirect($redirect_uri); + } + + $this->data['redirect_uri'] = $redirect_uri; if ($this->input->post('process') !== false) { $username = $this->input->post('username'); @@ -59,12 +69,7 @@ class User extends MY_Controller { $this->load->view($this->var->view_dir.'login', $this->data); $this->load->view('footer', $this->data); } else { - $uri = $this->session->flashdata("uri"); - if ($uri) { - redirect($uri); - } else { - redirect("/"); - } + redirect($redirect_uri); } } else { $this->load->view('header', $this->data); diff --git a/application/models/muser.php b/application/models/muser.php index 4d183c5a6..200390358 100644 --- a/application/models/muser.php +++ b/application/models/muser.php @@ -18,10 +18,6 @@ class Muser extends CI_Model { { parent::__construct(); - if ($this->has_session() && !$this->logged_in()) { - $this->session->keep_flashdata("uri"); - } - $this->load->helper("filebin"); $this->load->driver("duser"); } @@ -184,14 +180,6 @@ class Muser extends CI_Model { return $this->check_access_level($wanted_level); } - if (stateful_client()) { - // desktop clients get redirected to the login form - $this->require_session(); - if (!$this->session->userdata("flash:new:uri")) { - $this->session->set_flashdata("uri", $this->uri->uri_string()); - } - } - throw new \exceptions\NotAuthenticatedException("api/not-authenticated", "Not authenticated. FileBin requires you to have an account, please go to the homepage for more information."); } 
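Review bot: The allowlist check added at the top of login() is anchored with `$`, which in PCRE also matches just before a final newline, so a `redirect_uri` ending in a line feed passes and is handed to `redirect()` and to the login view's form action. Anchoring with `\z` (or adding the `D` modifier) closes that: `if (!preg_match('/^[0-9a-zA-Z\/_]*\z/', $redirect_uri)) {`. The pattern also accepts the empty string, and judging by the `!== false` test on `post('process')` just below, `get()` may return `false` when the parameter is absent, in which case the `'/'` fallback is skipped; putting `!is_string($redirect_uri) ||` in front of the match would make the default explicit. login() continues past the end of this hunk.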
diff --git a/application/views/header.php b/application/views/header.php index 081f91820..6332382b2 100644 --- a/application/views/header.php +++ b/application/views/header.php @@ -77,7 +77,7 @@ if (is_cli_client() && !isset($force_full_html)) { <?php if(auth_driver_function_implemented("can_reset_password")) { ?> <p><?php echo anchor("user/reset_password", "Forgot your password?"); ?></p> <?php } ?> - <?php echo form_open("user/login", array("class" => "form-signin")); ?> + <?php echo form_open("user/login?redirect_uri=".get_instance()->uri->uri_string(), array("class" => "form-signin")); ?> <input type="text" name="username" placeholder="Username" class="form-control"> <input type="password" name="password" placeholder="Password" class="form-control"> <button type="submit" name="process" class="btn btn-default btn-block">Login</button> diff --git a/application/views/user/login.php b/application/views/user/login.php index 3e30d53bd..5b2067bb0 100644 --- a/application/views/user/login.php +++ b/application/views/user/login.php @@ -3,7 +3,7 @@ if (isset($login_error)) { ?> <div class="alert alert-danger">The entered credentials are invalid.</div> <?php } ?> -<?php echo form_open('user/login', array("class" => "form-horizontal login-page")); ?> +<?php echo form_open("user/login?redirect_uri=$redirect_uri", array("class" => "form-horizontal login-page")); ?> <div class="form-group"> <label class="control-label" for="inputUsername">Username</label> <div class="controls"> diff --git a/public_html/index.php b/public_html/index.php index f0c099478..de9d2a16c 100644 --- a/public_html/index.php +++ b/public_html/index.php 
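Review bot: In the header.php form action, `uri_string()` is concatenated into the query string without encoding, so any character in the current path that is special in a query string or an HTML attribute (`&`, `#`, `%`, quotes) would alter the parameter or the markup; which characters can actually reach this point depends on URI filtering that is not visible here. Encoding at the point of use removes that dependency: `form_open("user/login?redirect_uri=".rawurlencode(get_instance()->uri->uri_string()), array("class" => "form-signin"))`. The same unencoded concatenation appears in the public_html/index.php hunk at `redirect("user/login?redirect_uri=".$redirect_uri);`. Separately, login() accepts only `[0-9a-zA-Z/_]`, so a path containing anything else (a `-` or `.`, for instance) will be replaced by `/` after login instead of being returned to.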
@@ -221,7 +221,12 @@ try { if (is_cli_client()) { show_error(nl2br(htmlspecialchars($e->__toString())), $e->get_http_error_code()); } else { - redirect("user/login"); + $CI =& get_instance(); + $redirect_uri = $CI->uri->uri_string(); + if (isset($CI->data["redirect_uri"])) { + $redirect_uri = $CI->data["redirect_uri"]; + } + redirect("user/login?redirect_uri=".$redirect_uri); } } catch (\exceptions\PublicApiException $e) { show_error(nl2br(htmlspecialchars($e->__toString())), $e->get_http_error_code()); diff --git a/system/core/Config.php b/system/core/Config.php index 46ed9365c..caa8b945a 100644 --- a/system/core/Config.php +++ b/system/core/Config.php @@ -299,7 +299,7 @@ class CI_Config { { $uri = implode('/', $uri); } - $uri = trim($uri, '/'); + $uri = ltrim($uri, '/'); } else { |
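Review bot: The new branch gives `$CI->data["redirect_uri"]` precedence over the current URI without saying why, and the reason is not obvious from index.php alone. Presumably it is the target that login() has already validated and stored, so that an authentication failure raised while handling user/login keeps the original destination instead of pointing back at the login page. If so, a comment such as `// keep the target login() already validated; otherwise fall back to the current URI` above the `isset()` would record that. The enclosing try/catch starts outside the hunk.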
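Review bot: Switching `trim` to `ltrim` changes URI normalisation inside the framework's own system/core/Config.php, so every caller of this function now keeps trailing slashes, not only the login redirect. Nothing marks the line as a local modification that a framework upgrade would overwrite. A comment on the line, for example `// local patch: strip leading slashes only, keep a trailing '/'`, would document the intent, and a test that a value beginning with `//` still has its leading slashes removed would pin the part the redirect handling relies on. The enclosing function starts outside the hunk, so which helper this is cannot be confirmed from here.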