From 1b8d16cf4bbb15fa5206dbaeaca3024e8a5abbc3 Mon Sep 17 00:00:00 2001
From: Michael Joseph <michael@knowledgetree.com>
Date: Mon, 20 Jan 2003 16:16:38 +0000
Subject: [PATCH] moved page level authorisation array initialisation from the controller to the login page (so that the user can use the back button!)

---
 control.php            | 3 ---
 presentation/login.php | 3 +++
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/control.php b/control.php
index aa8f1d7..71b5066 100644
--- a/control.php
+++ b/control.php
@@ -40,9 +40,6 @@ if (checkSessionAndRedirect(false)) {
 //  from the sitemap requires group access ie. !Anonymous then redirect to no
 //  permission page)
 
-// reset authorisation flag before checking access
-$_SESSION["pageAccess"] = NULL;
-
 // check whether the users group has access to the requested page
 $page = $default->siteMap->getPage($action, $_SESSION["userID"]);
 
diff --git a/presentation/login.php b/presentation/login.php
index 68b47a1..1a127b1 100644
--- a/presentation/login.php
+++ b/presentation/login.php
@@ -66,6 +66,9 @@ if ($loginAction == "loginForm") {
                 $session = new Session();
                 $sessionID = $session->create($userDetails["userID"]);
                 
+                // initialise page-level authorisation array
+                $_SESSION["pageAccess"] = NULL;
+                
                 // check for a location to forward to
                 if (isset($redirect) && strlen(trim($redirect))>0) {
                     $url = urldecode($redirect);
--
libgit2 0.21.4