diff options
author | thomascube <thomas@roundcube.net> | 2011-01-06 12:41:16 +0000 |
---|---|---|
committer | thomascube <thomas@roundcube.net> | 2011-01-06 12:41:16 +0000 |
commit | c3be8ed64c601e0b15645664d58cec7ace17b5cb (patch) | |
tree | 81c9f63dfc12c4a0a1f0988735343cc14918d193 | |
parent | 56849c658b023ba8143c60435ddec2ee225fc11d (diff) |
Make sure an existing session is killed/replaced when submitting login form
-rw-r--r-- | CHANGELOG | 1 | ||||
-rw-r--r-- | index.php | 2 | ||||
-rw-r--r-- | program/include/rcmail.php | 2 | ||||
-rwxr-xr-x | program/include/rcube_template.php | 4 |
4 files changed, 6 insertions, 3 deletions
@@ -1,6 +1,7 @@ CHANGELOG Roundcube Webmail =========================== +- Fix double-login/session issue (#1487104) - Wrap HTML parts with <html><body> and add Doctype declaration (#1487098) - Make rcube_autoload silently skip unknown classes (#1487109) - Fix charset detection in vcards with encoded values (#1485542) @@ -104,7 +104,7 @@ if ($RCMAIL->task == 'login' && $RCMAIL->action == 'login') { rcmail_log_login(); // restore original request parameters - $query = array(); + $query = array('_task' => 'mail'); if ($url = get_input_value('_url', RCUBE_INPUT_POST)) parse_str($url, $query); diff --git a/program/include/rcmail.php b/program/include/rcmail.php index afdb77cd1..e4078a72f 100644 --- a/program/include/rcmail.php +++ b/program/include/rcmail.php @@ -208,7 +208,7 @@ class rcmail $task = asciiwords($task); if ($this->user && $this->user->ID) - $task = !$task || $task == 'login' ? 'mail' : $task; + $task = !$task ? 'mail' : $task; else $task = 'login'; diff --git a/program/include/rcube_template.php b/program/include/rcube_template.php index d6ea3dce2..e914d2e96 100755 --- a/program/include/rcube_template.php +++ b/program/include/rcube_template.php @@ -1059,6 +1059,7 @@ class rcube_template extends rcube_html_page $host_attrib = $autocomplete > 0 ? array() : array('autocomplete' => 'off'); $pass_attrib = $autocomplete > 1 ? array() : array('autocomplete' => 'off'); + $input_task = new html_hiddenfield(array('name' => '_task', 'value' => 'login')); $input_action = new html_hiddenfield(array('name' => '_action', 'value' => 'login')); $input_tzone = new html_hiddenfield(array('name' => '_timezone', 'id' => 'rcmlogintz', 'value' => '_default_')); $input_url = new html_hiddenfield(array('name' => '_url', 'id' => 'rcmloginurl', 'value' => $url)); @@ -1109,7 +1110,8 @@ class rcube_template extends rcube_html_page $table->add(null, $input_host->show(get_input_value('_host', RCUBE_INPUT_GPC))); } - $out = $input_action->show(); + $out = $input_task->show(); + $out .= $input_action->show(); $out .= $input_tzone->show(); $out .= $input_url->show(); $out .= $table->show(); |