require_once "SQL/user.php";
$logout = false;
+$redirect = (isset($_GET['redirect'])) ? $_GET['redirect'] : BASE_URL;
+
if (!empty($_GET['logout']))
{
if (!isset($_SESSION['id']))
}
else if ($user->password_verify($_POST['password']))
{
+ var_dump($_GET);
+
$_SESSION['id'] = $user->id;
- header('Location: ' . BASE_URL);
+ header('Location: ' . $redirect);
$user->add_meta("last_login", date("Y-m-d m:i:s"));
}
else
</script>
<body role="document">
<div class="container-fluid">
-<form method="post" action="login.php">
+<form method="post" action="login.php?redirect=<?php echo $redirect; ?>">
<div class="modal" id="loginModal" data-bs-backdrop="static" data-bs-keyboard="false" tabindex="-1" aria-labelledby="loginModal" aria-hidden="true">
<div class="modal-dialog modal-dialog-centered">
<div class="modal-content">
}
}
+ /* pre-Header hook */
public static function session_start($n)
{
if (!isset($_SESSION))
do_log($_SESSION);
if (!isset($_SESSION['id']) || empty($_SESSION))
{
+ $secure = ($_SERVER['HTTPS'] == 'on') ? "https://" : "http://";
+ $current_url = "$secure$_SERVER[HTTP_HOST]$_SERVER[REQUEST_URI]";
$tok = split($_SERVER['SCRIPT_FILENAME'], "/");
if ($check = security_check() && $tok[count($tok) - 1] !== "error.php") {
header("Location: " . BASE_URL . "plugins/sql_auth/error.php");
die();
}
- session_destroy();
- header("Location: ".BASE_URL."plugins/sql_auth/login.php");
+ header("Location: ".BASE_URL."plugins/sql_auth/login.php?redirect=".urlencode($current_url));
die();
}
else