diff --git a/public/auth.php b/public/auth.php index 77316e46..33e82f6a 100644 --- a/public/auth.php +++ b/public/auth.php @@ -22,6 +22,7 @@ $authUsername = $isSubmission ? ($_POST['auth']['username'] ?? '') : ($_GET['use $authEmail = $isSubmission ? ($_POST['auth']['email'] ?? '') : ($_GET['email'] ?? ''); $authPassword = $_POST['auth']['password'] ?? ''; $authVerification = $_POST['auth']['verification'] ?? ''; +$authRedirect = $_POST['auth']['redirect'] ?? $_GET['redirect'] ?? $_SERVER['HTTP_REFERER'] ?? '/'; tpl_vars([ 'can_create_account' => $canCreateAccount, @@ -29,6 +30,7 @@ tpl_vars([ 'auth_mode' => $authMode, 'auth_username' => $authUsername, 'auth_email' => $authEmail, + 'auth_redirect' => $authRedirect, ]); switch ($authMode) { @@ -54,8 +56,9 @@ switch ($authMode) { break; case 'reset': + // If we're logged in, redirect to the password/e-mail change part in settings instead. if (user_session_active()) { - header('Location: /settings.php'); + header('Location: /settings.php#account'); break; } @@ -74,7 +77,7 @@ switch ($authMode) { $resetUser = $getResetUser->execute() ? $getResetUser->fetch(PDO::FETCH_ASSOC) : []; if (empty($resetUser)) { - header('Location: ?m=forgot'); + header('Location: /auth.php?m=forgot'); break; } @@ -113,7 +116,7 @@ switch ($authMode) { user_recovery_token_invalidate($resetUser['user_id'], $authVerification); - header('Location: /auth.php?m=login&u=' . $resetUser['user_id']); + header("Location: /auth.php?m=login&u={$resetUser['user_id']}"); break; } @@ -272,7 +275,11 @@ MSG; set_cookie_m('uid', $userId, $cookieLife); set_cookie_m('sid', $sessionKey, $cookieLife); - header('Location: /'); + if (!is_local_url($authRedirect)) { + $authRedirect = '/'; + } + + header("Location: {$authRedirect}"); return; } diff --git a/templates/_layout/input.twig b/templates/_layout/input.twig index 0674c171..8d4b7d56 100644 --- a/templates/_layout/input.twig +++ b/templates/_layout/input.twig 
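Review bot: `$authRedirect` is read from `$_POST`, `$_GET` and the `Referer` header and handed to `tpl_vars()` as `auth_redirect` (second hunk) without any check; `is_local_url()` is applied only in the last hunk of this file, just before `header()`. The value can also arrive as an array (`redirect[]=...`), which neither the template nor the string interpolation in the Location header expects. I would normalise it once, directly after the assignment: `if (!is_string($authRedirect) || !is_local_url($authRedirect)) { $authRedirect = '/'; }`, so that the template (`auth_redirect|default('/')` in templates/auth/auth.twig) and the redirect both see the vetted value. This assumes `is_local_url()` is already loaded at that point, which the diff does not show.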
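Review bot: The post-login redirect in the final hunk depends entirely on `is_local_url()`, whose definition is not part of this diff, so the open-redirect protection cannot be confirmed from the lines shown. It should be verified, ideally with unit tests, that it rejects protocol-relative targets such as `//host`, backslash variants such as `/\host`, any value carrying a scheme, and control characters, and that it accepts only same-site paths. A short comment above the check would record the intent: `// $authRedirect is request-controlled; only same-site paths may reach the Location header.` The enclosing login branch starts and ends outside this hunk.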
@@ -10,13 +10,13 @@ {% endspaceless %} {% endmacro %} -{% macro input_text(name, class, value, type, placeholder, required, attributes) %} +{% macro input_text(name, class, value, type, placeholder, required, attributes, tabindex, autofocus) %} {% spaceless %} 0 %}name="{{ name }}"{% else %}readonly{% endif %} class="input__text{% if name|length < 1 %} input__text--readonly{% endif %}{{ class|length > 0 ? ' ' ~ class : '' }}" {% if placeholder|length > 0 %}placeholder="{{ placeholder }}"{% endif %} - {% if value|length > 0 %}value="{{ value }}"{% endif %} - {% if required|default(false) %}required{% endif %} + {% if value|length > 0 %}value="{{ value }}"{% endif %} {% if required|default(false) %}required{% endif %} + {% if tabindex > 0 %}tabindex="{{ tabindex }}"{% endif %} {% if autofocus|default(false) %}autofocus{% endif %} {% for name, value in attributes|default([]) %} {{ name }}{% if value|length > 0 %}="{{ value }}"{% endif %} {% endfor %}> diff --git a/templates/auth/auth.twig b/templates/auth/auth.twig index 36416bfc..1daa0fef 100644 --- a/templates/auth/auth.twig +++ b/templates/auth/auth.twig @@ -7,7 +7,9 @@ {{ auth_login( auth_username|default(''), auth_register_message|default(auth_login_error|default('')), - auth_register_message is defined + auth_register_message is defined, + auth_redirect|default('/'), + auth_mode == 'login' ) }} {% if can_create_account %} @@ -26,7 +28,7 @@ {% endif %}