Commit dae73eeb5ebe60d4b959edcf240ce57a20f5e3ef
1 parent
5e83e7ab
fixed controller
git-svn-id: https://kt-dms.svn.sourceforge.net/svnroot/kt-dms/trunk@141 c91229c3-7414-0410-bfa2-8a42b809f60b
Showing
1 changed file
with
14 additions
and
21 deletions
control.php
| ... | ... | @@ -29,26 +29,24 @@ require_once("$default->owl_fs_root/lib/SiteMap.inc"); |
| 29 | 29 | // page start |
| 30 | 30 | // ------------------------------- |
| 31 | 31 | |
| 32 | -// check the session | |
| 33 | -checkSession(); | |
| 34 | - | |
| 35 | -// loop through array of post params and build query string, omitting action | |
| 36 | -$queryParams = ""; | |
| 37 | -foreach ($_POST as $key => $value) { | |
| 38 | - //echo "key=$key; value=$value<br>"; | |
| 39 | - if ($key != "action") { | |
| 40 | - if (strlen($queryParams) > 0) { | |
| 41 | - $queryParams = "?$key=$value"; | |
| 42 | - } else { | |
| 43 | - $queryParams = $queryParams . "&$key=$value"; | |
| 44 | - } | |
| 45 | - } | |
| 32 | +if (checkSession()) { | |
| 33 | + // session check succeeds, so default action should be the dashboard | |
| 34 | + // (if no action specified | |
| 35 | + if (!isset($action)) { | |
| 36 | + $action = "dashboard"; | |
| 37 | + } | |
| 38 | +} else { | |
| 39 | + // session check fails, so default action should be the login form | |
| 40 | + // (if no action specified) | |
| 41 | + if (!isset($action)) { | |
| 42 | + $action = "loginForm"; | |
| 43 | + } | |
| 46 | 44 | } |
| 47 | 45 | |
| 48 | 46 | // reset authorisation flag before checking access |
| 49 | 47 | $_SESSION["authorised"] = false; |
| 50 | 48 | |
| 51 | -// check whether this group has access to the requested page | |
| 49 | +// check whether the users group has access to the requested page | |
| 52 | 50 | $page = $default->siteMap->getPage($action, $_SESSION["groupID"]); |
| 53 | 51 | |
| 54 | 52 | if (!$page) { |
| ... | ... | @@ -57,18 +55,13 @@ if (!$page) { |
| 57 | 55 | |
| 58 | 56 | // FIXME: redirect to no permission page |
| 59 | 57 | print "you do not have access to view this page! please go away, and come back when you do.<br>"; |
| 60 | - echo generateLink("LOGOUT") . "logout</a>"; | |
| 58 | + echo generateLink("logout") . "logout</a>"; | |
| 61 | 59 | |
| 62 | 60 | exit; |
| 63 | 61 | } else { |
| 64 | 62 | // set authorised flag and redirect |
| 65 | 63 | $_SESSION["authorised"] = true; |
| 66 | 64 | |
| 67 | - // if we have additional params to add do it | |
| 68 | - if (strlen($queryParams) > 0) { | |
| 69 | - $page = $page . "&$queryParams"; | |
| 70 | - } | |
| 71 | - | |
| 72 | 65 | redirect($page); |
| 73 | 66 | } |
| 74 | 67 | ?> | ... | ... |