Remember the page for password changes too, and take them there

This commit is contained in:
dave 2010-01-24 06:47:09 +00:00
parent 54fe3bf509
commit ed6879754d
2 changed files with 15 additions and 2 deletions

View File

@ -795,6 +795,8 @@ function user_valid_email($str)
function user_auth_required($type, $access='')
{
global $config;
unset($_SESSION['request_uri']);
if(!isset($_SESSION['users_type'])) {
message_push(error(i18n("You must login to view that page")));
$_SESSION['request_uri'] = $_SERVER['REQUEST_URI'];
@ -802,8 +804,10 @@ function user_auth_required($type, $access='')
exit;
}
/* Turn $type into an array */
if(!is_array($type)) $type = array($type);
/* Iterate over all the allowed types and see if this user matches */
$auth_type = false;
foreach($type as $t) {
if($_SESSION['users_type'] == $t) {
@ -812,18 +816,22 @@ function user_auth_required($type, $access='')
}
}
/* No match, no access */
if($auth_type == false) {
message_push(error(i18n("You must login to view that page")));
message_push(error(i18n("You do not have permission to view that page")));
header("location: {$config['SFIABDIRECTORY']}/user_login.php?type=$type");
exit;
}
/* Forward to password expired, remember the target URI */
if($_SESSION['password_expired'] == true) {
$_SESSION['request_uri'] = $_SERVER['REQUEST_URI'];
header("location: {$config['SFIABDIRECTORY']}/user_password.php");
exit;
}
/* Check committee sub-access */
if($auth_type == 'committee' && $access != '') {
if(committee_auth_has_access($access) == false) {
message_push(error(i18n('You do not have permission to view that page')));

View File

@ -50,7 +50,12 @@
}
if(array_key_exists('request_uri', $_SESSION)
$back_link = $_SESSION['request_uri'];
else
$back_link = "{$type}_main.php";
unset($_SESSION['request_uri']);
$password_expiry_days = $config["{$type}_password_expiry_days"];