diff options
| author | Bharat Mediratta <bharat@menalto.com> | 2010-06-12 15:16:47 -0700 |
|---|---|---|
| committer | Bharat Mediratta <bharat@menalto.com> | 2010-06-12 15:16:47 -0700 |
| commit | dceecabbf1b736604ceb2e08e803b12c99dc4509 (patch) | |
| tree | f5241fa8707258e39721e30328c85770a79714f9 /modules | |
| parent | c026da85cdbac9e9566045f8de2718cae985f0ec (diff) | |
Make login/logout continuation url code consistent. Where necessary,
we specify the continue_url in the session, but we store it in the
login form so that we can propagate it across the session creation
that happens at login time.
Diffstat (limited to 'modules')
| -rw-r--r-- | modules/gallery/controllers/login.php | 4 | ||||
| -rw-r--r-- | modules/gallery/helpers/auth.php | 1 | ||||
| -rw-r--r-- | modules/gallery/libraries/MY_Kohana_Exception.php | 4 |
3 files changed, 4 insertions, 5 deletions
diff --git a/modules/gallery/controllers/login.php b/modules/gallery/controllers/login.php index 40125476..19335d88 100644 --- a/modules/gallery/controllers/login.php +++ b/modules/gallery/controllers/login.php @@ -44,10 +44,10 @@ class Login_Controller extends Controller { public function auth_html() { access::verify_csrf(); - $continue_url = Session::instance()->get("continue_url", null); list ($valid, $form) = $this->_auth("login/auth_html"); if ($valid) { - url::redirect($continue_url ? $continue_url : item::root()->abs_url()); + url::redirect($form->continue_url->value ? $form->continue_url_value : + item::root()->abs_url()); } else { $view = new Theme_View("page.html", "other", "login"); $view->page_title = t("Log in to Gallery"); diff --git a/modules/gallery/helpers/auth.php b/modules/gallery/helpers/auth.php index 1a9fe869..48b5fc32 100644 --- a/modules/gallery/helpers/auth.php +++ b/modules/gallery/helpers/auth.php @@ -21,6 +21,7 @@ class auth_Core { static function get_login_form($url) { $form = new Forge($url, "", "post", array("id" => "g-login-form")); $form->set_attr("class", "g-narrow"); + $form->hidden("continue_url")->value(Session::instance()->get("continue_url")); $group = $form->group("login")->label(t("Login")); $group->input("name")->label(t("Username"))->id("g-username")->class(null) ->callback("auth::validate_too_many_failed_logins") diff --git a/modules/gallery/libraries/MY_Kohana_Exception.php b/modules/gallery/libraries/MY_Kohana_Exception.php index e7ebdb1f..df7557ae 100644 --- a/modules/gallery/libraries/MY_Kohana_Exception.php +++ b/modules/gallery/libraries/MY_Kohana_Exception.php @@ -59,7 +59,7 @@ class Kohana_Exception extends Kohana_Exception_Core { private static function _show_themed_error_page(Exception $e) { // Create a text version of the exception $error = Kohana_Exception::text($e); - + // Add this exception to the log Kohana_Log::add('error', $error); @@ -83,8 +83,6 @@ class Kohana_Exception extends Kohana_Exception_Core { if ($view->content->is_guest) { $view->content->login_form = new View("login_ajax.html"); $view->content->login_form->form = auth::get_login_form("login/auth_html"); - // Avoid anti-phishing protection by passing the url as session variable. - Session::instance()->set("continue_url", url::current(true)); } } else { $view->page_title = t("Dang... Something went wrong!"); |