Bug #15606
closed
Pages are hidden to early after FE login
0%
Description
Suppose the welcome page with "hide at login" attribute has a login form, which redirects to user home page after successful login. But that redirection never occurs as the page id is invalid after login and the page is not processed.
The straightforward solution seems to make the page rendering two-phased: if after the first phase the page id was invalid, then unset all the contents and do as TYPO3 does today. But it can cause serious problems when the page contains some "active" content, like custom php script which make changes to the database, whatever. As it is impossible to detect all such cases at runtime, the simplest solution is to add to the backend's page header information a checkbox like "self redirect safe" and leave decision to the backend user discretion.
(issue imported from #M2533)
Updated by Maciej Orzech about 18 years ago
Ok, my solution proposed above is not good, but I am a total novice and learning TYPO3.
Maybe the solution like this:
1. in getPageAndRootline (tslib/class.tslib_fe.php), when getPage fails to find a page, create a new hook handler and if there are any hooks then
1.1 reset the group access field of the $this->sys_page object and retry the getPage, then if page found
1.2 call the hooks with that page, the returned page id can then be rechecked with getPage (with group access field set).
2. The rest of the getPageAndRootline with no change.
Also, the FE login extenstion author should add a hook porcedure to his extension.
Updated by Rob Vonk over 15 years ago
Fixed since 4.2.0: TYPO3 4.2. has a new login-box system extension called "felogin". This is an enhanced version of the "newloginbox" extension, and is now integrated into the TYPO3 core software. When installed, the new extension will replace the old login content element. The new extension comes with a new redirection framework and many configuration options, but runs well using only the default settings.
Updated by Christian Jul Jensen over 15 years ago
fixed with the new login in 4.2
Updated by