Commit 04b7d7b02fb2ac33adf1a47d93e99da7dfea3f2b
1 parent
301cb919
Detect if cookies are enabled at login-time. If not, print a message
explaining what is wrong. Submitted by: zkrih SF Tracker: 1202501 git-svn-id: https://kt-dms.svn.sourceforge.net/svnroot/kt-dms/trunk@3313 c91229c3-7414-0410-bfa2-8a42b809f60b
Showing
1 changed file
with
11 additions
and
1 deletions
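--- a/presentation/login.php
+++ b/presentation/login.php
@@ -37,6 +37,8 @@ $errorMessage = $_REQUEST['errorMessage'];
 
 if ($_REQUEST['loginAction'] == "loginForm") {
 // TODO: build login form using PatternMainPage
+$cookietest = KTUtil::randomString();
+setcookie("CookieTestCookie", $cookietest, false);
 print "<html>
 <head>
 <link rel=\"stylesheet\" href=\"$default->uiUrl/stylesheet.php\">
@@ -82,6 +84,7 @@ if ($_REQUEST['loginAction'] == "loginForm") {
 </td></tr>
 <input type=\"hidden\" name=\"redirect\" value=\"$redirect\"/>
 <input type=\"hidden\" name=\"loginAction\" value=\"login\">\n
+<input type=\"hidden\" name=\"cookietestinput\" value=\"$cookietest\">\n
 <tr align=\"right\"><td><input type=\"image\" src=\"" . KTHtml::getLoginButton() . "\" border=\"0\"></td></tr>\n
 <tr><td><font size=\"1\">" . _("System Version") . ": " . $default->systemVersion . "</font></td></tr>
 </table>
@@ -93,6 +96,12 @@ if ($_REQUEST['loginAction'] == "loginForm") {
 // set default url for login failure
 // with redirect appended if set
 $url = $url . "login.php?loginAction=loginForm" . (isset($redirect) ? "&redirect=" . urlencode($redirect) : "");
+$cookieTest = KTUtil::arrayGet($_COOKIE, "CookieTestCookie", null);
+if (is_null($cookieTest) || $cookieTest != KTUtil::arrayGet($_REQUEST, "cookietestinput")) {
+$url .= "&errorMessage=" . urlencode(_("KnowledgeTree requires cookies to work"));
+redirect($url);
+exit(0);
+}
 
 // if requirements are met and we have a username and password to authenticate
 if (isset($_REQUEST['fUserName']) && isset($_REQUEST['fPassword']) ) {
@@ -164,6 +173,7 @@ if ($_REQUEST['loginAction'] == "loginForm") {
 redirect($url);
 } else {
 // redirect to root
-redirect($default->rootUrl);
+$url = generateLink("", "");
+redirect($url);
 }
 ?>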
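Review bot: The cookie check in the third hunk compares with loose `!=`, so values that are only equal under PHP's type juggling pass it; an empty `CookieTestCookie` value and a missing `cookietestinput` field would match if `KTUtil::arrayGet` returns null for an absent key (its default is not visible here). A strict form such as `if (!is_string($cookieTest) || $cookieTest === '' || $cookieTest !== KTUtil::arrayGet($_REQUEST, "cookietestinput")) {` closes that gap. The test cookie is never expired once the check has passed, and `setcookie("CookieTestCookie", $cookietest, false)` in the first hunk relies on `false` being coerced to an expiry of 0. Because the cookie/hidden-field pair looks like a double-submit token, a comment such as `// cookies-enabled probe only; not a CSRF defence` next to the check would keep later readers from relying on it. The enclosing `if`/`else` branches start and end outside the hunks shown.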