From 6af7c40b296e0f95ec308d41aea55b3306c5e1ee Mon Sep 17 00:00:00 2001
From: sullrich <sullrich@pfsense.org>
Date: Thu, 3 Dec 2009 20:14:36 -0500
Subject: Redirect to / when logging in to avoid posting to forms accidently
 and clearing the form and causing all kinds of chaos.  Ticket #161

---
 etc/inc/auth.inc    | 2 ++
 etc/inc/authgui.inc | 4 +++-
 2 files changed, 5 insertions(+), 1 deletion(-)

diff --git a/etc/inc/auth.inc b/etc/inc/auth.inc
index 2ae160e..753d041 100644
--- a/etc/inc/auth.inc
+++ b/etc/inc/auth.inc
@@ -885,6 +885,8 @@ function session_auth($backing) {
 					$_SESSION['Username'] = $_POST['usernamefld'];
 					$_SESSION['last_access'] = time();
 					log_error("Successful login for user '{$_POST['usernamefld']}' from: {$_SERVER['REMOTE_ADDR']}");
+					require_once("functions.inc");
+					pfSenseHeader("/{$page}");
 				}
 			}
 		} else {
diff --git a/etc/inc/authgui.inc b/etc/inc/authgui.inc
index 6fa3cfa..dcaa3d5 100644
--- a/etc/inc/authgui.inc
+++ b/etc/inc/authgui.inc
@@ -85,6 +85,7 @@ if (!isAllowedPage($_SERVER['SCRIPT_NAME'], $_SESSION['Username'])) {
 	if (count($allowedpages) > 0) {
 		$page = str_replace('*', '', $allowedpages[0]);
 		$_SESSION['Post_Login'] = true;
+		require_once("functions.inc");
 		pfSenseHeader("/{$page}");
 		exit;
 	} else {
@@ -99,7 +100,8 @@ if (!isAllowedPage($_SERVER['SCRIPT_NAME'], $_SESSION['Username'])) {
  * taking action in reponse to a POST request
  */
 if (!$_SESSION['Post_Login']) {
-	$_SESSION['Post_Login'] = true;
+	$_SESSION['Post_Login'] = true;	
+	require_once("functions.inc");
 	pfSenseHeader($_SERVER['REQUEST_URI']);
 	exit;
 }
-- 
cgit v1.1