Bug #37612
closed
felogin redirects to password reset after login
0%
Description
felogin redirects to password reset confirmation page after successful because "redirect to referer" is set in the plugin.
Fix this by skipping the referer input field when the url contains "tx_felogin_pi[forgotHash]".
Unfortunately this fix only works when the parameter is not beautified via URL rewriters like realurl.
Files
Updated by Markus Klein over 12 years ago
Possible fix is:
class.tx_felogin_pi.php:
// check for referer redirect method. if present, save referer in form field
if (t3lib_div::inList($this->conf['redirectMode'], 'referer') || t3lib_div::inList($this->conf['redirectMode'], 'refererDomains')) {
$referer = $this->referer ? $this->referer : t3lib_div::getIndpEnv('HTTP_REFERER');
if ($referer && strpos($referer, 'tx_felogin_pi1[forgotHash]') !== FALSE) {
$extraHiddenAr[] = '<input type="hidden" name="referer" value="' . htmlspecialchars($referer) . '" />';
}
}
by extending the condition in line 4.
Updated by Jigal van Hemert over 12 years ago
- Status changed from New to Needs Feedback
- Assignee set to Jigal van Hemert
- Complexity changed from nightmare to easy
I think this is a duplicate of #21943 , which was only applied to 6.0 and 4.7; unfortunately I haven't backported them to 4.6 and 4.5.
Markus, you reviewed the patch on 6.0 :-) Could you take care of the backports?
Updated by Markus Klein over 12 years ago
Damn it. I knew we had something like that already, but I didn't find it on forge as I searched only for open tickets, as I thought all the changes were already backported.
I'll of course do the backports right now.
Thanks Jigal!
Updated by Jigal van Hemert over 12 years ago
- Status changed from Needs Feedback to Resolved
Applied in changeset bbc55bf5b7b44e845052085e893e7f1566c026fd.
Updated by