Hi, first I would like to congratulate you for all the hacks you're doing. They all reallly helped me
I have a tiny problem with the auto-login hack. Let's take the following example about userX :
- userX has activated the auto-login function for siteA
- It works perfectly : when he opens his browser and go to siteA, he is automatically loged in
- userX now has his browser closed
- He receives a notification by email : a new message has been posted in the forums of siteA
- He clicks on the link provided in the post.
- His browser opens, and, because of the excellent auto-login hack, he automatically logs in
- However, he is redirected on the home page and not on the forum post he was hoping for.
A lot of my users are complaining because they don't understand what is happeninh lol
I've looked at the code and found this :
Quote:
// redirect to XOOPS_URL/ when query string exists (anti-CSRF)
if( ! empty( $_SERVER['QUERY_STRING'] ) ) {
redirect_header( XOOPS_URL . '/' , 0 , _AUTOMATIC_LOGIN ) ;
exit ;
}
It seems as it is on purpose that the user is redirected to the home page, because it protects from a certain attack ?
Is there a way the user could be redirected to the page he was asking ?
Thanks for your help !
CHeers !