author | Frederic Guillot <fred@kanboard.net> | 2015-07-16 22:22:33 -0400 |
---|---|---|
committer | Frederic Guillot <fred@kanboard.net> | 2015-07-16 22:22:33 -0400 |
commit | 493c7c2c74ffdbe3ceb422d331b73e653ec0b618 (patch) | |
tree | baa8451934e3b1f35a525a0665b12a13cf66eccd /app/Controller | |
parent | e0d4877126acc1e7189e6e67e1f1ca24e1dd5f02 (diff) |
Store redirect login url in session instead of using url parameter
Diffstat (limited to 'app/Controller')
-rw-r--r-- | app/Controller/Auth.php | 8 | ||||
-rw-r--r-- | app/Controller/Base.php | 3 | ||||
-rw-r--r-- | app/Controller/Oauth.php | 1 |
3 files changed, 6 insertions, 6 deletions
diff --git a/app/Controller/Auth.php b/app/Controller/Auth.php
index 24e6e242..e8889b7f 100644
--- a/app/Controller/Auth.php
+++ b/app/Controller/Auth.php
@@ -25,7 +25,6 @@ class Auth extends Base
 'errors' => $errors,
 'values' => $values,
 'no_layout' => true,
- 'redirect_query' => $this->request->getStringParam('redirect_query'),
 'title' => t('Login')
 )));
 }
@@ -37,14 +36,15 @@ class Auth extends Base
 */
 public function check()
 {
- $redirect_query = $this->request->getStringParam('redirect_query');
 $values = $this->request->getValues();
 list($valid, $errors) = $this->authentication->validateForm($values);
 if ($valid) {
- if ($redirect_query !== '') {
- $this->response->redirect('?'.urldecode($redirect_query));
+ if (! empty($this->session['login_redirect']) && ! filter_var($this->session['login_redirect'], FILTER_VALIDATE_URL)) {
+ $redirect = $this->session['login_redirect'];
+ unset($this->session['login_redirect']);
+ $this->response->redirect($redirect);
 }
 $this->response->redirect($this->helper->url->to('app', 'index'));
diff --git a/app/Controller/Base.php b/app/Controller/Base.php
index 18187162..31eb023d 100644
--- a/app/Controller/Base.php
+++ b/app/Controller/Base.php
@@ -127,7 +127,8 @@ abstract class Base extends \Core\Base
 $this->response->text('Not Authorized', 401);
 }
- $this->response->redirect($this->helper->url->to('auth', 'login', array('redirect_query' => urlencode($this->request->getQueryString()))));
+ $this->session['login_redirect'] = $this->request->getUri();
+ $this->response->redirect($this->helper->url->to('auth', 'login'));
 }
 }
diff --git a/app/Controller/Oauth.php b/app/Controller/Oauth.php
index 00ccd694..8ba5b252 100644
--- a/app/Controller/Oauth.php
+++ b/app/Controller/Oauth.php
@@ -116,7 +116,6 @@ class Oauth extends Base
 'errors' => array('login' => t('External authentication failed')),
 'values' => array(),
 'no_layout' => true,
- 'redirect_query' => '',
 'title' => t('Login')
 )));
 }
|
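Review bot: The guard added in `check()` treats `! filter_var(..., FILTER_VALIDATE_URL)` as proof that the stored target is local, but that filter returns false for any string without a scheme, so a scheme-relative value such as `//host/path` passes and browsers follow it off-site. Whether such a value can reach the session depends on `getUri()`, which is not visible here, so a positive check is safer: `preg_match('#^/(?![/\\\\])#', $redirect) === 1`, i.e. one leading slash not followed by `/` or `\`. The `unset()` also sits inside the accepted branch, so a rejected value stays in the session and is tested again at every later login; read the key into a local and unset it before the test. The body of `check()` continues past the end of the hunk.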
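Review bot: `$this->session['login_redirect'] = $this->request->getUri();` in Base.php stores the target with no validation and no check of the request method, so every unauthenticated non-AJAX request overwrites it. After login the user lands on whatever URL was requested last, which may be one that was only meant to be reached by POST. Consider writing the key only for GET requests and applying the same local-path test here that `Auth::check()` applies on read, so that a bad value is never persisted. A short comment would also help: `// Remember the requested page; Auth::check() validates it before redirecting after login`. The enclosing method starts above the hunk and `getUri()` is not shown, so what it can return is an assumption.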