summaryrefslogtreecommitdiff
path: root/lib/VNDB/Handler/Users.pm
diff options
context:
space:
mode:
authorYorhel <git@yorhel.nl>2015-07-19 02:46:30 +0200
committerYorhel <git@yorhel.nl>2015-07-19 02:46:30 +0200
commit903b7b6e680a008cd8c93719a1e7f71f3d1c34b0 (patch)
treeda8f22f39996f82d1ed534005b3c04e7877d9e7a /lib/VNDB/Handler/Users.pm
parentf5e7a629a85a3abda0bfe7ee81b8612409377056 (diff)
Remove reliance on Referer header for the login form
Diffstat (limited to 'lib/VNDB/Handler/Users.pm')
-rw-r--r--lib/VNDB/Handler/Users.pm6
1 files changed, 3 insertions, 3 deletions
diff --git a/lib/VNDB/Handler/Users.pm b/lib/VNDB/Handler/Users.pm
index cf55a605..87e9701b 100644
--- a/lib/VNDB/Handler/Users.pm
+++ b/lib/VNDB/Handler/Users.pm
@@ -154,6 +154,8 @@ sub login {
return;
}
+ my $ref = $self->formValidate({ param => 'ref', required => 0, default => '/'})->{ref};
+
my $frm;
if($self->reqMethod eq 'POST') {
return if !$self->authCheckCode;
@@ -162,9 +164,6 @@ sub login {
{ post => 'usrpass', required => 1, minlength => 4, maxlength => 64, template => 'asciiprint' },
);
- my $b = $self->reqBaseURI();
- (my $ref = $self->reqHeader('Referer')||'/') =~ s/^\Q$b//;
- $ref = '/' if $ref =~ /^\/u\//;
if(!$frm->{_err}) {
return if $self->authLogin($frm->{usrname}, $frm->{usrpass}, $ref);
$frm->{_err} = [ 'login_failed' ];
@@ -174,6 +173,7 @@ sub login {
$self->htmlHeader(noindex => 1, title => mt '_login_title');
$self->htmlForm({ frm => $frm, action => '/u/login' }, login => [ mt('_login_title'),
+ [ hidden => short => 'ref', value => $ref ],
[ input => short => 'usrname', name => mt '_login_username' ],
[ static => content => '<a href="/u/register">'.mt('_login_register').'</a>' ],
[ passwd => short => 'usrpass', name => mt '_login_password' ],