diff options
author | Ermal <eri@pfsense.org> | 2010-06-17 21:44:53 +0000 |
---|---|---|
committer | Ermal <eri@pfsense.org> | 2010-06-17 21:44:53 +0000 |
commit | f23e63638af309ec317dc924794c34dd1c68fecc (patch) | |
tree | 3d3cefe33a4661a4de3ed43b588730f1a191f161 /etc/inc/auth.inc | |
parent | 5082282c3a4cfaed950dee0d8aaf6b7a6a7e7dfe (diff) | |
download | pfsense-f23e63638af309ec317dc924794c34dd1c68fecc.zip pfsense-f23e63638af309ec317dc924794c34dd1c68fecc.tar.gz |
Fixes #660. Simplify some code and correctly do an exit after a redirect is issued. Thanks-to: Efonne for analysis.
Diffstat (limited to 'etc/inc/auth.inc')
-rw-r--r-- | etc/inc/auth.inc | 12 |
1 files changed, 4 insertions, 8 deletions
diff --git a/etc/inc/auth.inc b/etc/inc/auth.inc index 2e580b1..e358827 100644 --- a/etc/inc/auth.inc +++ b/etc/inc/auth.inc @@ -1099,10 +1099,12 @@ function session_auth() { $_SESSION['last_access'] = time(); log_error("Successful login for user '{$_POST['usernamefld']}' from: {$_SERVER['REMOTE_ADDR']}"); require_once("functions.inc"); + $HTTP_SERVER_VARS['AUTH_USER'] = $_SESSION['Username']; if (isset($_POST['postafterlogin'])) return true; else pfSenseHeader("/{$page}"); + exit; } else { /* give the user an error message */ $_SESSION['Login_Error'] = "Username or Password incorrect"; @@ -1177,20 +1179,14 @@ function session_auth() { * to submit a HTML form. It basically diables the observation * of the submit event and hence does not trigger Ajax. */ - if ($_GET['disable_ajax']) { + if ($_GET['disable_ajax']) $_SESSION['NO_AJAX'] = "True"; - $HTTP_SERVER_VARS['AUTH_USER'] = $_SESSION['Username']; - return true; - } /* * Same to re-enable Ajax. */ - if ($_GET['enable_ajax']) { + if ($_GET['enable_ajax']) unset($_SESSION['NO_AJAX']); - $HTTP_SERVER_VARS['AUTH_USER'] = $_SESSION['Username']; - return true; - } $HTTP_SERVER_VARS['AUTH_USER'] = $_SESSION['Username']; return true; |