Commit 1b8d16cf4bbb15fa5206dbaeaca3024e8a5abbc3
1 parent
ed03d6f0
moved page level authorisation array initialisation from the controller to the l…
…ogin page (so that the user can use the back button!) git-svn-id: https://kt-dms.svn.sourceforge.net/svnroot/kt-dms/trunk@407 c91229c3-7414-0410-bfa2-8a42b809f60b
Showing
2 changed files
with
3 additions
and
3 deletions
control.php
| @@ -40,9 +40,6 @@ if (checkSessionAndRedirect(false)) { | @@ -40,9 +40,6 @@ if (checkSessionAndRedirect(false)) { | ||
| 40 | // from the sitemap requires group access ie. !Anonymous then redirect to no | 40 | // from the sitemap requires group access ie. !Anonymous then redirect to no |
| 41 | // permission page) | 41 | // permission page) |
| 42 | 42 | ||
| 43 | -// reset authorisation flag before checking access | ||
| 44 | -$_SESSION["pageAccess"] = NULL; | ||
| 45 | - | ||
| 46 | // check whether the users group has access to the requested page | 43 | // check whether the users group has access to the requested page |
| 47 | $page = $default->siteMap->getPage($action, $_SESSION["userID"]); | 44 | $page = $default->siteMap->getPage($action, $_SESSION["userID"]); |
| 48 | 45 |
presentation/login.php
| @@ -66,6 +66,9 @@ if ($loginAction == "loginForm") { | @@ -66,6 +66,9 @@ if ($loginAction == "loginForm") { | ||
| 66 | $session = new Session(); | 66 | $session = new Session(); |
| 67 | $sessionID = $session->create($userDetails["userID"]); | 67 | $sessionID = $session->create($userDetails["userID"]); |
| 68 | 68 | ||
| 69 | + // initialise page-level authorisation array | ||
| 70 | + $_SESSION["pageAccess"] = NULL; | ||
| 71 | + | ||
| 69 | // check for a location to forward to | 72 | // check for a location to forward to |
| 70 | if (isset($redirect) && strlen(trim($redirect))>0) { | 73 | if (isset($redirect) && strlen(trim($redirect))>0) { |
| 71 | $url = urldecode($redirect); | 74 | $url = urldecode($redirect); |