[BUGFIX] redirect to referrer when changing password
authorJigal van Hemert <jigal@xs4all.nl>
Sun, 1 Jan 2012 22:05:47 +0000 (23:05 +0100)
committerJigal van Hemert <jigal@xs4all.nl>
Wed, 30 May 2012 20:24:08 +0000 (22:24 +0200)
The referrer and referrerDomains redirect options must be ignored after
changing the password, otherwise you would end up on the page where the
change password form was displayed (which shows an error message now).
An extra option to ignore the referrer redirects is introduced for this.

Change-Id: I6daeb685f0656f56797a2cb2decc5982a5cf525c
Fixes: #21943
Releases: 4.5, 4.6, 4.7
Reviewed-on: http://review.typo3.org/11754
Reviewed-by: Markus Klein
Tested-by: Markus Klein
Reviewed-by: Jigal van Hemert
Tested-by: Jigal van Hemert
typo3/sysext/felogin/pi1/class.tx_felogin_pi1.php

index d8ea023..fb862bc 100644 (file)
@@ -300,7 +300,10 @@ class tx_felogin_pi1 extends tslib_pibase {
                                                $markerArray['###STATUS_MESSAGE###'] = $this->getDisplayText('change_password_done_message', $this->conf['changePasswordMessage_stdWrap.']);
                                                $done = true;
                                                $subpartArray['###CHANGEPASSWORD_FORM###'] = '';
-                                               $markerArray['###BACKLINK_LOGIN###'] = $this->getPageLink($this->pi_getLL('ll_forgot_header_backToLogin', '', 1), array());
+                                               $markerArray['###BACKLINK_LOGIN###'] = $this->getPageLink(
+                                                       $this->pi_getLL('ll_forgot_header_backToLogin', '', 1),
+                                                       array($this->prefixId . '[redirectReferrer]' => 'off')
+                                               );
                                        }
                                }
 
@@ -486,6 +489,9 @@ class tx_felogin_pi1 extends tslib_pibase {
                        $referer = $this->referer ? $this->referer : t3lib_div::getIndpEnv('HTTP_REFERER');
                        if ($referer) {
                                $extraHiddenAr[] = '<input type="hidden" name="referer" value="' . htmlspecialchars($referer) . '" />';
+                               if ($this->piVars['redirectReferrer'] === 'off') {
+                                       $extraHiddenAr[] = '<input type="hidden" name="' . $this->prefixId . '[redirectReferrer]" value="off" />';
+                               }
                        }
                }
 
@@ -589,15 +595,19 @@ class tx_felogin_pi1 extends tslib_pibase {
                                                        $redirect_url[] = $this->redirectUrl;
                                                break;
                                                case 'referer':
-                                                               // avoid forced logout, when trying to login immediatly after a logout
-                                                       $redirect_url[] = preg_replace('/[&?]logintype=[a-z]+/', '', $this->referer);
+                                                               // avoid redirect when logging in after changing password
+                                                       if ($this->piVars['redirectReferrer'] !== 'off') {
+                                                                       // avoid forced logout, when trying to login immediatly after a logout
+                                                               $redirect_url[] = preg_replace('/[&?]logintype=[a-z]+/', '', $this->referer);
+                                                       }
                                                break;
                                                case 'refererDomains':
                                                                // Auto redirect.
                                                                // Feature to redirect to the page where the user came from (HTTP_REFERER).
                                                                // Allowed domains to redirect to, can be configured with plugin.tx_felogin_pi1.domains
                                                                // Thanks to plan2.net / Martin Kutschker for implementing this feature.
-                                                       if ($this->conf['domains']) {
+                                                               // also avoid redirect when logging in after changing password
+                                                       if ($this->conf['domains'] && $this->piVars['redirectReferrer'] !== 'off') {
                                                                $url = $this->referer;
                                                                        // is referring url allowed to redirect?
                                                                $match = array();
@@ -618,7 +628,7 @@ class tx_felogin_pi1 extends tslib_pibase {
                                                                        // Avoid forced logout, when trying to login immediatly after a logout
                                                                if ($url) {
                                                                        $redirect_url[] = preg_replace('/[&?]logintype=[a-z]+/', '', $url);
-                                                       }
+                                                               }
                                                        }
                                                break;
                                        }