summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorthomascube <thomas@roundcube.net>2011-01-06 12:41:16 +0000
committerthomascube <thomas@roundcube.net>2011-01-06 12:41:16 +0000
commitc3be8ed64c601e0b15645664d58cec7ace17b5cb (patch)
tree81c9f63dfc12c4a0a1f0988735343cc14918d193
parent56849c658b023ba8143c60435ddec2ee225fc11d (diff)
Make sure an existing session is killed/replaced when submitting login form
-rw-r--r--CHANGELOG1
-rw-r--r--index.php2
-rw-r--r--program/include/rcmail.php2
-rwxr-xr-xprogram/include/rcube_template.php4
4 files changed, 6 insertions, 3 deletions
diff --git a/CHANGELOG b/CHANGELOG
index e9af27849..7061bf00d 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -1,6 +1,7 @@
CHANGELOG Roundcube Webmail
===========================
+- Fix double-login/session issue (#1487104)
- Wrap HTML parts with <html><body> and add Doctype declaration (#1487098)
- Make rcube_autoload silently skip unknown classes (#1487109)
- Fix charset detection in vcards with encoded values (#1485542)
diff --git a/index.php b/index.php
index 47b08eff8..8c9370e8c 100644
--- a/index.php
+++ b/index.php
@@ -104,7 +104,7 @@ if ($RCMAIL->task == 'login' && $RCMAIL->action == 'login') {
rcmail_log_login();
// restore original request parameters
- $query = array();
+ $query = array('_task' => 'mail');
if ($url = get_input_value('_url', RCUBE_INPUT_POST))
parse_str($url, $query);
diff --git a/program/include/rcmail.php b/program/include/rcmail.php
index afdb77cd1..e4078a72f 100644
--- a/program/include/rcmail.php
+++ b/program/include/rcmail.php
@@ -208,7 +208,7 @@ class rcmail
$task = asciiwords($task);
if ($this->user && $this->user->ID)
- $task = !$task || $task == 'login' ? 'mail' : $task;
+ $task = !$task ? 'mail' : $task;
else
$task = 'login';
diff --git a/program/include/rcube_template.php b/program/include/rcube_template.php
index d6ea3dce2..e914d2e96 100755
--- a/program/include/rcube_template.php
+++ b/program/include/rcube_template.php
@@ -1059,6 +1059,7 @@ class rcube_template extends rcube_html_page
$host_attrib = $autocomplete > 0 ? array() : array('autocomplete' => 'off');
$pass_attrib = $autocomplete > 1 ? array() : array('autocomplete' => 'off');
+ $input_task = new html_hiddenfield(array('name' => '_task', 'value' => 'login'));
$input_action = new html_hiddenfield(array('name' => '_action', 'value' => 'login'));
$input_tzone = new html_hiddenfield(array('name' => '_timezone', 'id' => 'rcmlogintz', 'value' => '_default_'));
$input_url = new html_hiddenfield(array('name' => '_url', 'id' => 'rcmloginurl', 'value' => $url));
@@ -1109,7 +1110,8 @@ class rcube_template extends rcube_html_page
$table->add(null, $input_host->show(get_input_value('_host', RCUBE_INPUT_GPC)));
}
- $out = $input_action->show();
+ $out = $input_task->show();
+ $out .= $input_action->show();
$out .= $input_tzone->show();
$out .= $input_url->show();
$out .= $table->show();