From 493c7c2c74ffdbe3ceb422d331b73e653ec0b618 Mon Sep 17 00:00:00 2001 From: Frederic Guillot Date: Thu, 16 Jul 2015 22:22:33 -0400 Subject: Store redirect login url in session instead of using url parameter --- app/Controller/Auth.php | 8 ++++---- app/Controller/Base.php | 3 ++- app/Controller/Oauth.php | 1 - 3 files changed, 6 insertions(+), 6 deletions(-) (limited to 'app/Controller') diff --git a/app/Controller/Auth.php b/app/Controller/Auth.php index 24e6e242..e8889b7f 100644 --- a/app/Controller/Auth.php +++ b/app/Controller/Auth.php @@ -25,7 +25,6 @@ class Auth extends Base 'errors' => $errors, 'values' => $values, 'no_layout' => true, - 'redirect_query' => $this->request->getStringParam('redirect_query'), 'title' => t('Login') ))); } @@ -37,14 +36,15 @@ class Auth extends Base */ public function check() { - $redirect_query = $this->request->getStringParam('redirect_query'); $values = $this->request->getValues(); list($valid, $errors) = $this->authentication->validateForm($values); if ($valid) { - if ($redirect_query !== '') { - $this->response->redirect('?'.urldecode($redirect_query)); + if (! empty($this->session['login_redirect']) && ! filter_var($this->session['login_redirect'], FILTER_VALIDATE_URL)) { + $redirect = $this->session['login_redirect']; + unset($this->session['login_redirect']); + $this->response->redirect($redirect); } $this->response->redirect($this->helper->url->to('app', 'index')); diff --git a/app/Controller/Base.php b/app/Controller/Base.php index 18187162..31eb023d 100644 --- a/app/Controller/Base.php +++ b/app/Controller/Base.php @@ -127,7 +127,8 @@ abstract class Base extends \Core\Base $this->response->text('Not Authorized', 401); } - $this->response->redirect($this->helper->url->to('auth', 'login', array('redirect_query' => urlencode($this->request->getQueryString())))); + $this->session['login_redirect'] = $this->request->getUri(); + $this->response->redirect($this->helper->url->to('auth', 'login')); } } diff --git a/app/Controller/Oauth.php b/app/Controller/Oauth.php index 00ccd694..8ba5b252 100644 --- a/app/Controller/Oauth.php +++ b/app/Controller/Oauth.php @@ -116,7 +116,6 @@ class Oauth extends Base 'errors' => array('login' => t('External authentication failed')), 'values' => array(), 'no_layout' => true, - 'redirect_query' => '', 'title' => t('Login') ))); } -- cgit v1.2.3