From 8c72b98d9d6f3e8a4d88afbe5f499f115d2d532a Mon Sep 17 00:00:00 2001 From: nicosomb Date: Sat, 20 Apr 2013 10:22:00 +0200 Subject: =?UTF-8?q?Fixed=20#63=20-=20le=20referer=20n'=C3=A9tait=20plus=20?= =?UTF-8?q?pris=20en=20compte?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- index.php | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) (limited to 'index.php') diff --git a/index.php b/index.php index 9a81a741..954d9224 100644 --- a/index.php +++ b/index.php @@ -20,6 +20,8 @@ if (!empty($_POST)) { unset($_SESSION['tokens']); } +$ref = empty($_SERVER['HTTP_REFERER']) ? '' : $_SERVER['HTTP_REFERER']; + if (isset($_GET['login'])) { // Login if (!empty($_POST['login']) && !empty($_POST['password'])) { @@ -34,7 +36,7 @@ if (isset($_GET['login'])) { } session_regenerate_id(true); - MyTool::redirect(); + MyTool::redirect($ref); } logm('login failed'); die("Login failed !"); @@ -55,7 +57,6 @@ $action = (isset ($_REQUEST['action'])) ? htmlentities($_REQUEST['ac $_SESSION['sort'] = (isset ($_REQUEST['sort'])) ? htmlentities($_REQUEST['sort']) : 'id'; $id = (isset ($_REQUEST['id'])) ? htmlspecialchars($_REQUEST['id']) : ''; $url = (isset ($_GET['url'])) ? $_GET['url'] : ''; -$ref = empty($_SERVER['HTTP_REFERER']) ? '' : $_SERVER['HTTP_REFERER']; $tpl->assign('isLogged', Session::isLogged()); $tpl->assign('referer', $ref); @@ -69,4 +70,4 @@ if (Session::isLogged()) { } else { $tpl->draw('login'); -} \ No newline at end of file +} -- cgit v1.2.3 From 6f87a19714057e370a6b970bbfb82af5abd968f9 Mon Sep 17 00:00:00 2001 From: nicosomb Date: Sun, 21 Apr 2013 18:42:20 +0200 Subject: Fixed #64 - nettoyage de MyTool --- index.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'index.php') diff --git a/index.php b/index.php index 954d9224..f64a0418 100644 --- a/index.php +++ b/index.php @@ -11,6 +11,7 @@ include dirname(__FILE__).'/inc/config.php'; # initialize session +myTool::initPhp(); Session::init(); # XSRF protection with token if (!empty($_POST)) { @@ -61,7 +62,7 @@ $url = (isset ($_GET['url'])) ? $_GET['url'] : ''; $tpl->assign('isLogged', Session::isLogged()); $tpl->assign('referer', $ref); $tpl->assign('view', $view); -$tpl->assign('poche_url', get_poche_url()); +$tpl->assign('poche_url', myTool::getUrl()); $tpl->assign('title', 'poche, a read it later open source system'); if (Session::isLogged()) { -- cgit v1.2.3 From f0070a15e4725255dad967bde76155a39d189631 Mon Sep 17 00:00:00 2001 From: nicosomb Date: Sun, 21 Apr 2013 19:32:19 +0200 Subject: =?UTF-8?q?flash=20messages=20pour=20indiquer=20qu'une=20action=20?= =?UTF-8?q?s'est=20bien=20effectu=C3=A9e=20ou=20qu'il=20y=20a=20eu=20une?= =?UTF-8?q?=20erreur?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- index.php | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) (limited to 'index.php') diff --git a/index.php b/index.php index f64a0418..6eefd277 100644 --- a/index.php +++ b/index.php @@ -10,9 +10,8 @@ include dirname(__FILE__).'/inc/config.php'; -# initialize session myTool::initPhp(); -Session::init(); + # XSRF protection with token if (!empty($_POST)) { if (!Session::isToken($_POST['token'])) { -- cgit v1.2.3