an attacker to hijack the session.">true</configboolean>
<configstring name="alternate_login" desc="If this is not false, it is
assumed to be the URL of an alternate login screen which will be used in
- place of horde's default login screen.">false</configstring>
+ place of horde's default login screen. The URL will have an "app"
+ parameter appended that contains the application that redirected to the
+ login screen, and a "url" parameter with the originally requested
+ URL. The alternate login screen should redirect to that URL after
+ authentication. Alternatively you can include a "%u" place holder
+ in the alternate URL that will be replaced by that original
+ URL. Optionally appended URL parameters are "logout_reason" that
+ contains a number with the logout reason (see the Horde_Auth::REASON_*
+ constants for possible values), and "logout_msg" that contains an
+ error message describing the logout reason.">false</configstring>
<configstring name="redirect_on_logout" desc="If this is not false, it is
assumed to be the URL of an alternate logout page which users will be sent
to when they log out.">false</configstring>
v4.0-cvs
--------
+[jan] Allow to specify the URL parameter name for the alternate login setting.
[mms] Remove reliance on PEAR Mail library.
[jan] Send alarm emails again if the alarm has changed (Bug #8717).
[mms] Add advanced preferences options screen.
$url = Horde_Util::addParameter($url, array(session_name() => session_id), null, false);
}
if (!empty($url_in)) {
- $url = Horde_Util::addParameter($url, array('url' => _addAnchor($url_in, 'param', $url_anchor)), null, false);
+ $anchor = _addAnchor($url_in, 'param', $url_anchor);
+ if (strpos($url, '%25u')) {
+ $url = str_replace('%25u', $anchor, $url);
+ } else {
+ $url = Horde_Util::addParameter($url, array('url' => $anchor), null, false);
+ }
}
header('Location: ' . _addAnchor($url, 'url', $url_anchor));
exit;
projects / horde.git / commitdiff