diff options
| author | Bharat Mediratta <bharat@menalto.com> | 2010-06-12 15:16:47 -0700 |
|---|---|---|
| committer | Bharat Mediratta <bharat@menalto.com> | 2010-06-12 15:16:47 -0700 |
| commit | dceecabbf1b736604ceb2e08e803b12c99dc4509 (patch) | |
| tree | f5241fa8707258e39721e30328c85770a79714f9 | |
| parent | c026da85cdbac9e9566045f8de2718cae985f0ec (diff) | |
Make login/logout continuation url code consistent. Where necessary,
we specify the continue_url in the session, but we store it in the
login form so that we can propagate it across the session creation
that happens at login time.
| -rw-r--r-- | modules/gallery/controllers/login.php | 4 | ||||
| -rw-r--r-- | modules/gallery/helpers/auth.php | 1 | ||||
| -rw-r--r-- | modules/gallery/libraries/MY_Kohana_Exception.php | 4 |
3 files changed, 4 insertions, 5 deletions
diff --git a/modules/gallery/controllers/login.php b/modules/gallery/controllers/login.php index 40125476..19335d88 100644 --- a/modules/gallery/controllers/login.php +++ b/modules/gallery/controllers/login.php @@ -44,10 +44,10 @@ class Login_Controller extends Controller { public function auth_html() { access::verify_csrf(); - $continue_url = Session::instance()->get("continue_url", null); list ($valid, $form) = $this->_auth("login/auth_html"); if ($valid) { - url::redirect($continue_url ? $continue_url : item::root()->abs_url()); + url::redirect($form->continue_url->value ? $form->continue_url_value : + item::root()->abs_url()); } else { $view = new Theme_View("page.html", "other", "login"); $view->page_title = t("Log in to Gallery"); diff --git a/modules/gallery/helpers/auth.php b/modules/gallery/helpers/auth.php index 1a9fe869..48b5fc32 100644 --- a/modules/gallery/helpers/auth.php +++ b/modules/gallery/helpers/auth.php @@ -21,6 +21,7 @@ class auth_Core { static function get_login_form($url) { $form = new Forge($url, "", "post", array("id" => "g-login-form")); $form->set_attr("class", "g-narrow"); + $form->hidden("continue_url")->value(Session::instance()->get("continue_url")); $group = $form->group("login")->label(t("Login")); $group->input("name")->label(t("Username"))->id("g-username")->class(null) ->callback("auth::validate_too_many_failed_logins") diff --git a/modules/gallery/libraries/MY_Kohana_Exception.php b/modules/gallery/libraries/MY_Kohana_Exception.php index e7ebdb1f..df7557ae 100644 --- a/modules/gallery/libraries/MY_Kohana_Exception.php +++ b/modules/gallery/libraries/MY_Kohana_Exception.php @@ -59,7 +59,7 @@ class Kohana_Exception extends Kohana_Exception_Core { private static function _show_themed_error_page(Exception $e) { // Create a text version of the exception $error = Kohana_Exception::text($e); - + // Add this exception to the log Kohana_Log::add('error', $error); @@ -83,8 +83,6 @@ class Kohana_Exception extends Kohana_Exception_Core { if ($view->content->is_guest) { $view->content->login_form = new View("login_ajax.html"); $view->content->login_form->form = auth::get_login_form("login/auth_html"); - // Avoid anti-phishing protection by passing the url as session variable. - Session::instance()->set("continue_url", url::current(true)); } } else { $view->page_title = t("Dang... Something went wrong!"); |