summaryrefslogtreecommitdiffstats
path: root/application
diff options
context:
space:
mode:
Diffstat (limited to 'application')
-rw-r--r--application/controllers/user.php19
-rw-r--r--application/models/muser.php12
-rw-r--r--application/views/header.php2
-rw-r--r--application/views/user/login.php2
4 files changed, 14 insertions, 21 deletions
diff --git a/application/controllers/user.php b/application/controllers/user.php
index b432cba5e..eca0b7da3 100644
--- a/application/controllers/user.php
+++ b/application/controllers/user.php
@@ -44,8 +44,18 @@ class User extends MY_Controller {
function login()
{
+ $redirect_uri = $this->input->get("redirect_uri");
$this->muser->require_session();
- $this->session->keep_flashdata("uri");
+
+ if (!preg_match('/^[0-9a-zA-Z\/_]*$/', $redirect_uri)) {
+ $redirect_uri = '/';
+ }
+
+ if ($this->muser->logged_in()) {
+ redirect($redirect_uri);
+ }
+
+ $this->data['redirect_uri'] = $redirect_uri;
if ($this->input->post('process') !== false) {
$username = $this->input->post('username');
@@ -59,12 +69,7 @@ class User extends MY_Controller {
$this->load->view($this->var->view_dir.'login', $this->data);
$this->load->view('footer', $this->data);
} else {
- $uri = $this->session->flashdata("uri");
- if ($uri) {
- redirect($uri);
- } else {
- redirect("/");
- }
+ redirect($redirect_uri);
}
} else {
$this->load->view('header', $this->data);
diff --git a/application/models/muser.php b/application/models/muser.php
index 4d183c5a6..200390358 100644
--- a/application/models/muser.php
+++ b/application/models/muser.php
@@ -18,10 +18,6 @@ class Muser extends CI_Model {
{
parent::__construct();
- if ($this->has_session() && !$this->logged_in()) {
- $this->session->keep_flashdata("uri");
- }
-
$this->load->helper("filebin");
$this->load->driver("duser");
}
@@ -184,14 +180,6 @@ class Muser extends CI_Model {
return $this->check_access_level($wanted_level);
}
- if (stateful_client()) {
- // desktop clients get redirected to the login form
- $this->require_session();
- if (!$this->session->userdata("flash:new:uri")) {
- $this->session->set_flashdata("uri", $this->uri->uri_string());
- }
- }
-
throw new \exceptions\NotAuthenticatedException("api/not-authenticated", "Not authenticated. FileBin requires you to have an account, please go to the homepage for more information.");
}
diff --git a/application/views/header.php b/application/views/header.php
index 081f91820..6332382b2 100644
--- a/application/views/header.php
+++ b/application/views/header.php
@@ -77,7 +77,7 @@ if (is_cli_client() && !isset($force_full_html)) {
<?php if(auth_driver_function_implemented("can_reset_password")) { ?>
<p><?php echo anchor("user/reset_password", "Forgot your password?"); ?></p>
<?php } ?>
- <?php echo form_open("user/login", array("class" => "form-signin")); ?>
+ <?php echo form_open("user/login?redirect_uri=".get_instance()->uri->uri_string(), array("class" => "form-signin")); ?>
<input type="text" name="username" placeholder="Username" class="form-control">
<input type="password" name="password" placeholder="Password" class="form-control">
<button type="submit" name="process" class="btn btn-default btn-block">Login</button>
diff --git a/application/views/user/login.php b/application/views/user/login.php
index 3e30d53bd..5b2067bb0 100644
--- a/application/views/user/login.php
+++ b/application/views/user/login.php
@@ -3,7 +3,7 @@ if (isset($login_error)) { ?>
<div class="alert alert-danger">The entered credentials are invalid.</div>
<?php } ?>
-<?php echo form_open('user/login', array("class" => "form-horizontal login-page")); ?>
+<?php echo form_open("user/login?redirect_uri=$redirect_uri", array("class" => "form-horizontal login-page")); ?>
<div class="form-group">
<label class="control-label" for="inputUsername">Username</label>
<div class="controls">