From 4724a093a854cc6efe383f1ae9f72cdd2c32542c Mon Sep 17 00:00:00 2001
From: Andrew Dolgov <fox@madoka.spb.ru>
Date: Thu, 9 Nov 2006 11:00:24 +0100
Subject: improve session expiry handling (redirect back to login form on rpc
 error code 6)

---
 login.php | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

(limited to 'login.php')

diff --git a/login.php b/login.php
index 8cd2a5c5d..27170c96b 100644
--- a/login.php
+++ b/login.php
@@ -9,6 +9,7 @@
 	$error_msg = "";
 
 	$url_path = get_script_urlpath();
+	$return_to = $_REQUEST["rt"];
 
 	if (ENABLE_LOGIN_SSL) {		
 		$redirect_base = "https://" . $_SERVER["SERVER_NAME"] . $url_path;
@@ -16,7 +17,7 @@
 		$redirect_base = "http://" . $_SERVER["SERVER_NAME"] . $url_path;
 	}
 
-	if (SINGLE_USER_MODE) {
+	if (SINGLE_USER_MODE && $return_to != "none") {
 		header("Location: $redirect_base/tt-rss.php");
 		exit;
 	}
@@ -25,10 +26,9 @@
 
 	$login = $_POST["login"];
 	$password = $_POST["password"];
-	$return_to = $_POST["rt"];
 	$action = $_POST["action"];
 
-	if ($_COOKIE[get_session_cookie_name()]) {
+	if ($_COOKIE[get_session_cookie_name()] && $return_to != "none") {
 		require_once "sessions.php";
 		if ($_SESSION["uid"]) {
 			initialize_user_prefs($link, $_SESSION["uid"]); 
@@ -129,7 +129,8 @@ window.onload = init;
 			<tr><td colspan="2" align="right" class="innerLoginCell">
 				<input type="submit" class="button" value="Login">
 				<input type="hidden" name="action" value="login">
-				<input type="hidden" name="rt" value="<?php echo $_GET['rt'] ?>">
+				<input type="hidden" name="rt" 
+					value="<?php if ($return_to != 'none') { echo $return_to; } ?>">
 			</td></tr>
 		</table>
 	</td>
-- 
cgit v1.2.3-54-g00ecf