Commit b0f47a8dfde17b60a1c9e2a251e7c93dd5e533f3
1 parent
c12bb542
done with controller session / redirect handling
git-svn-id: https://kt-dms.svn.sourceforge.net/svnroot/kt-dms/trunk@139 c91229c3-7414-0410-bfa2-8a42b809f60b
Showing
1 changed file
with
14 additions
and
18 deletions
lib/control.inc
| @@ -48,7 +48,7 @@ function controllerRedirect($action, $queryString) { | @@ -48,7 +48,7 @@ function controllerRedirect($action, $queryString) { | ||
| 48 | * @return the controller url | 48 | * @return the controller url |
| 49 | */ | 49 | */ |
| 50 | function generateControllerUrl($action) { | 50 | function generateControllerUrl($action) { |
| 51 | - return "control.php?action=$action"; | 51 | + return "/control.php?action=$action"; |
| 52 | } | 52 | } |
| 53 | 53 | ||
| 54 | /** | 54 | /** |
| @@ -64,34 +64,30 @@ function generateLink($action) { | @@ -64,34 +64,30 @@ function generateLink($action) { | ||
| 64 | 64 | ||
| 65 | /** | 65 | /** |
| 66 | * Verifies the current session | 66 | * Verifies the current session |
| 67 | + * Automatically redirects to | ||
| 67 | */ | 68 | */ |
| 68 | function checkSession() { | 69 | function checkSession() { |
| 70 | + global $default; | ||
| 71 | + | ||
| 69 | session_start(); | 72 | session_start(); |
| 70 | $session = new Session(); | 73 | $session = new Session(); |
| 71 | $sessionStatus = $session->verify(); | 74 | $sessionStatus = $session->verify(); |
| 75 | + // ??: do i need all this stuff? | ||
| 72 | if ($sessionStatus["status"] != 1) { | 76 | if ($sessionStatus["status"] != 1) { |
| 73 | // verification failed, redirect to login with error message | 77 | // verification failed, redirect to login with error message |
| 74 | - $url = "login.php?loginAction=loginForm"; | ||
| 75 | - if (isset($default->errorMessage) && (strlen($default->errorMessage) > 0) ) { | ||
| 76 | - $url = $url . "&errorMessage=$default->errorMessage"; | ||
| 77 | - } | ||
| 78 | - $qs = $_SERVER[QUERY_STRING]; | ||
| 79 | - // redirect to login page with original uri unless the original uri is the login page, | ||
| 80 | - // which means that the login attempt failed | ||
| 81 | - if (strstr($qs, "action=LOGIN_FORM")) { | ||
| 82 | - // redirecting to login- ensure error message is set | ||
| 83 | - // FIXME: is this presumptious? more rigor? use $default? | ||
| 84 | - $url = $url . "&errorMessage=" . urlencode($errorMessage); | ||
| 85 | - } else if (strlen($_SERVER[QUERY_STRING]) > 1) { | 78 | + $url = "/login.php?loginAction=loginForm"; |
| 79 | + | ||
| 80 | + $redirect = $_SERVER[PHP_SELF]; | ||
| 81 | + //echo "redirect url = $redirect<br>"; | ||
| 82 | + if (strlen($redirect) > 1) { | ||
| 86 | // not redirecting to login, so this session verification failure | 83 | // not redirecting to login, so this session verification failure |
| 87 | // represents either the first visit to the site | 84 | // represents either the first visit to the site |
| 88 | // OR a session timeout etc. (in which case we still want to bounce | 85 | // OR a session timeout etc. (in which case we still want to bounce |
| 89 | // the user to the login page, and then back to whatever page they're on now) | 86 | // the user to the login page, and then back to whatever page they're on now) |
| 90 | - $originalRequest = $_SERVER[QUERY_STRING]; | ||
| 91 | - $url = $url . "&redirect=" . $originalRequest; | 87 | + $url = $url . "&redirect=" . $redirect; |
| 92 | } | 88 | } |
| 93 | - | ||
| 94 | redirect($url); | 89 | redirect($url); |
| 95 | - | ||
| 96 | - } | 90 | + } else { |
| 91 | + return true; | ||
| 92 | + } | ||
| 97 | } | 93 | } |