Your message dated Tue, 30 Jun 2009 17:16:38 +0200
with message-id <[email protected]>
and subject line Re: Bug#535178: Login page redirecting logged users to their
Inbox pages
has caused the Debian Bug report #535178,
regarding Login page redirecting logged users to their Inbox pages
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
535178: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=535178
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: atmailopen
Version: 1.03+dfsg+svn93-5
Severity: minor
If you are logged in the atmailopen and back to the index page (by
hitting the "Back" button in the browser or just by cleaning the URL),
you're sent to the login page again (aka index.php). Once you already
are logged in, I think the system should detect it and redirect you to
your Inbox page because there's no need to the user authenticate
again.
I attached at this message a patch in the index.php page that
enables this feature. I'm currently running this patch in one of my
atmailopen instances.
--
Atenciosamente,
Arthur Furlan
[email protected]
--- index.php 2009-06-30 10:25:04.000000000 -0300
+++ index.php-patched 2009-06-30 10:23:53.000000000 -0300
@@ -8,13 +8,15 @@
// | http://opensource.org/licenses/apache2.0.php |
// +----------------------------------------------------------------+
-require_once('header.php');
-
// Check for system installation
if (!file_exists('libs/Atmail/Config.php'))
redirectToInstaller();
+require_once('header.php');
+require_once('GetMail.php');
+require_once('Session.php');
require_once('Global.php');
+session_start();
// Check again for system installation, just in case Config.php
// was manually created
@@ -39,6 +41,7 @@
$var['browser'] = "ns";
$atmail = new AtmailGlobal();
+$auth = $atmail->getAuthObj();
$var['func'] = $_REQUEST['func'];
$var['version'] = $pref['version'];
@@ -52,12 +55,6 @@
// a blank SessionID. Delete the Session for the DB too
if ( $var['func'] == "logout" )
{
- require_once('Session.php');
-
- session_start();
-
- $auth =& $atmail->getAuthObj();
-
// Find the users current settings, if to delete the trash on logout
//$atmail->cookie_read($auth);
//$auth->getuser();
@@ -131,6 +128,15 @@
$auth->destroy_session();
+} else {
+ /* if there's no error and the user is logged in, redirect him to its inbox */
+ if (!empty($_REQUEST['error'])) {
+ $auth->destroy_session();
+ $auth->SessionID = null;
+ } else if (!empty($auth->SessionID)) {
+ header('location: parse.php?file=html/LANG/simple/showmail_interface.html&ajax=1');
+ exit;
+ }
}
$var['Ajax'] = '1';
--- End Message ---
--- Begin Message ---
* Arthur Furlan <[email protected]> [2009-06-30 10:51]:
> Package: atmailopen
> Version: 1.03+dfsg+svn93-5
atmailopen was removed from Debian because it had security issues; see
#531075
--
Martin Michlmayr
http://www.cyrius.com/
--- End Message ---
