Merge branch 'master' of github.com:ZoneMinder/zoneminder

This commit is contained in:
Isaac Connor 2020-01-21 16:53:53 -05:00
commit daa2f1bab6
3 changed files with 15 additions and 7 deletions

View File

@ -152,8 +152,6 @@ if (
setcookie('zmCSS', $css, time()+3600*24*30*12*10);
}
# Only one request can open the session file at a time, so let's close the session here to improve concurrency.
# Any file/page that sets session variables must re-open it.
require_once('includes/lang.php');
@ -186,6 +184,8 @@ if ( isset($_REQUEST['request']) )
$request = detaintPath($_REQUEST['request']);
require_once('includes/auth.php');
# Only one request can open the session file at a time, so let's close the session here to improve concurrency.
# Any file/page that sets session variables must re-open it.
session_write_close();
foreach ( getSkinIncludes('skin.php') as $includeFile ) {
@ -242,6 +242,12 @@ if ( ZM_OPT_USE_AUTH and (!isset($user)) and ($view != 'login') and ($view != 'n
ZM\Logger::Debug('Redirecting to login');
$view = 'none';
$redirect = ZM_BASE_URL.$_SERVER['PHP_SELF'].'?view=login';
if ( ! $request ) {
zm_session_start();
$_SESSION['postLoginQuery'] = $_SERVER['QUERY_STRING'];
ZM\Error("postLoginQuery " . $_SESSION['postLoginQuery']);
session_write_close();
}
$request = null;
} else if ( ZM_SHOW_PRIVACY && ($view != 'privacy') && ($view != 'options') && (!$request) && canEdit('System') ) {
$view = 'none';

View File

@ -11,12 +11,15 @@
(
function () {
// Append '?(GET query)' to URL if the GET query is not empty.
var querySuffix = "<?php
if (!empty($_POST['postLoginQuery'])) {
parse_str($_POST['postLoginQuery'], $queryParams);
var querySuffix = '<?php
if (!empty($_SESSION['postLoginQuery'])) {
parse_str($_SESSION['postLoginQuery'], $queryParams);
echo '?' . http_build_query($queryParams);
zm_session_start();
unset($_SESSION['postLoginQuery']);
session_write_close();
}
?>";
?>';
if ( querySuffix == '?view=login' ) {
// If we didn't redirect elsewhere, then don't show login page, go to console

View File

@ -7,7 +7,6 @@ xhtmlHeaders(__FILE__, translate('Login'));
<form class="center-block" name="loginForm" id="loginForm" method="post" action="?">
<input type="hidden" name="action" value="login"/>
<input type="hidden" name="view" value="login"/>
<input type="hidden" name="postLoginQuery" value="<?php echo isset($_SERVER['QUERY_STRING']) ? htmlspecialchars($_SERVER['QUERY_STRING']) : ''?>">
<div id="loginError" class="hidden alarm" role="alert">
<span class="glyphicon glyphicon-exclamation-sign" aria-hidden="true"></span>