Redirect to / when logging in to avoid posting to forms accidently and clearing the form and causing all kinds of chaos. Ticket #161

2 files changed, 5 insertions, 1 deletions

diff --git a/etc/inc/auth.inc b/etc/inc/auth.inc
index 2ae160e..753d041 100644
--- a/etc/inc/auth.inc
+++ b/etc/inc/auth.inc
@@ -885,6 +885,8 @@ function session_auth($backing) {
 					$_SESSION['Username'] = $_POST['usernamefld'];
 					$_SESSION['last_access'] = time();
 					log_error("Successful login for user '{$_POST['usernamefld']}' from: {$_SERVER['REMOTE_ADDR']}");
+					require_once("functions.inc");
+					pfSenseHeader("/{$page}");
 				}
 			}
 		} else {
diff --git a/etc/inc/authgui.inc b/etc/inc/authgui.inc
index 6fa3cfa..dcaa3d5 100644
--- a/etc/inc/authgui.inc
+++ b/etc/inc/authgui.inc
@@ -85,6 +85,7 @@ if (!isAllowedPage($_SERVER['SCRIPT_NAME'], $_SESSION['Username'])) {
 	if (count($allowedpages) > 0) {
 		$page = str_replace('*', '', $allowedpages[0]);
 		$_SESSION['Post_Login'] = true;
+		require_once("functions.inc");
 		pfSenseHeader("/{$page}");
 		exit;
 	} else {
@@ -99,7 +100,8 @@ if (!isAllowedPage($_SERVER['SCRIPT_NAME'], $_SESSION['Username'])) {
  * taking action in reponse to a POST request
  */
 if (!$_SESSION['Post_Login']) {
-	$_SESSION['Post_Login'] = true;
+	$_SESSION['Post_Login'] = true;	
+	require_once("functions.inc");
 	pfSenseHeader($_SERVER['REQUEST_URI']);
 	exit;
 }