summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAndrew Dolgov <[email protected]>2021-03-04 13:40:54 +0300
committerAndrew Dolgov <[email protected]>2021-03-04 13:40:54 +0300
commit4fda5ccd0e248750f68b4a9802044d02f84eb7cc (patch)
treece129e5ecec1c37cabd38ab9c439f103f4ca6e55
parent30765805fddfcbec2ee18f96905a530ae30427d1 (diff)
fix a bunch of bookmarklets login forms not leading back
-rwxr-xr-xclasses/handler/public.php5
-rw-r--r--include/functions.php8
-rwxr-xr-xinclude/login_form.php2
-rw-r--r--plugins/auth_internal/init.php2
-rw-r--r--plugins/bookmarklets/init.php8
5 files changed, 19 insertions, 6 deletions
diff --git a/classes/handler/public.php b/classes/handler/public.php
index 0e82b6469..15ea01103 100755
--- a/classes/handler/public.php
+++ b/classes/handler/public.php
@@ -834,9 +834,12 @@ class Handler_Public extends Handler {
}
}
- static function _render_login_form() {
+ static function _render_login_form(string $return_to = "") {
header('Cache-Control: public');
+ if ($return_to)
+ $_REQUEST['return'] = $return_to;
+
require_once "login_form.php";
exit;
}
diff --git a/include/functions.php b/include/functions.php
index 5e75439cf..73d963803 100644
--- a/include/functions.php
+++ b/include/functions.php
@@ -236,6 +236,14 @@
}
}
+ function with_trailing_slash(string $str) : string {
+ if (substr($str, -1) === "/") {
+ return $str;
+ } else {
+ return "$str/";
+ }
+ }
+
function make_password($length = 12) {
$password = "";
$possible = "0123456789abcdfghjkmnpqrstvwxyzABCDFGHJKMNPQRSTVWXYZ*%+^";
diff --git a/include/login_form.php b/include/login_form.php
index 91850b768..be6734d07 100755
--- a/include/login_form.php
+++ b/include/login_form.php
@@ -85,7 +85,7 @@
</script>
-<?php $return = urlencode(Config::make_self_url()) ?>
+<?php $return = urlencode($_REQUEST['return'] ? $_REQUEST['return'] : with_trailing_slash(Config::make_self_url())) ?>
<div class="container">
diff --git a/plugins/auth_internal/init.php b/plugins/auth_internal/init.php
index bc0527e7f..9155f8165 100644
--- a/plugins/auth_internal/init.php
+++ b/plugins/auth_internal/init.php
@@ -100,7 +100,7 @@ class Auth_Internal extends Auth_Base {
<body class="flat ttrss_utility otp css_loading">
<h1><?= __("Authentication") ?></h1>
<div class="content">
- <form dojoType="dijit.form.Form" action="public.php?return=<?= $return ?>" method="post" class="otpform">
+ <form dojoType="dijit.form.Form" action="public.php?return=<?= urlencode(with_trailing_slash($return)) ?>" method="post" class="otpform">
<?php foreach (["login", "password", "bw_limit", "safe_mode", "remember_me", "profile"] as $key) {
print \Controls\hidden_tag($key, $_POST[$key] ?? "");
diff --git a/plugins/bookmarklets/init.php b/plugins/bookmarklets/init.php
index ab88d48e7..4bd527623 100644
--- a/plugins/bookmarklets/init.php
+++ b/plugins/bookmarklets/init.php
@@ -167,7 +167,7 @@ class Bookmarklets extends Plugin {
</html>
<?php
} else {
- Handler_Public::_render_login_form();
+ Handler_Public::_render_login_form($this->host->get_public_method_url($this, "subscribe"));
}
}
@@ -289,10 +289,12 @@ class Bookmarklets extends Plugin {
}
} else {
- print_error("Not logged in");
+ $return_to = $this->host->get_public_method_url($this, "sharepopup");
?>
- <form action="public.php?return=<?= urlencode(Config::make_self_url()) ?>" method="post">
+ <?= format_error("Not logged in") ?>
+
+ <form action="public.php?return=<?= urlencode($return_to) ?>" method="post">
<input type="hidden" name="op" value="login">