Remember the page for password changes too, and take them there

user.inc.php

@@ -795,6 +795,8 @@ function user_valid_email($str)
 function user_auth_required($type, $access='')
 {
 	global $config;
+
+	unset($_SESSION['request_uri']);
 	if(!isset($_SESSION['users_type'])) {
 		message_push(error(i18n("You must login to view that page")));
 		$_SESSION['request_uri'] = $_SERVER['REQUEST_URI'];
@@ -802,8 +804,10 @@ function user_auth_required($type, $access='')
 		exit;
 	}
 
+	/* Turn $type into an array */
 	if(!is_array($type)) $type = array($type);
 
+	/* Iterate over all the allowed types and see if this user matches */
 	$auth_type = false;
 	foreach($type as $t) {
 		if($_SESSION['users_type'] == $t) {
@@ -812,18 +816,22 @@ function user_auth_required($type, $access='')
 		}
 	}
 
+	/* No match, no access */
 	if($auth_type == false) {
-		message_push(error(i18n("You must login to view that page")));
+		message_push(error(i18n("You do not have permission to view that page")));
 		header("location: {$config['SFIABDIRECTORY']}/user_login.php?type=$type");
 		exit;
 	}
 
+	/* Forward to password expired, remember the target URI */
 	if($_SESSION['password_expired'] == true) {
+		$_SESSION['request_uri'] = $_SERVER['REQUEST_URI'];
 		header("location: {$config['SFIABDIRECTORY']}/user_password.php");
 		exit;
 	}
 
 
+	/* Check committee sub-access */
 	if($auth_type == 'committee' && $access != '') {
 		if(committee_auth_has_access($access) == false) {
 			message_push(error(i18n('You do not have permission to view that page')));

user_password.php

@@ -50,7 +50,12 @@
  }
 											  
 
- $back_link = "{$type}_main.php";
+ if(array_key_exists('request_uri', $_SESSION)
+ 	$back_link = $_SESSION['request_uri'];
+ else 
+	 $back_link = "{$type}_main.php";
+ unset($_SESSION['request_uri']);
+
  $password_expiry_days = $config["{$type}_password_expiry_days"];