| 131 |
131 |
$::locale = Locale->new($::myconfig{countrycode});
|
| 132 |
132 |
$::form->{error} = $::locale->text('The session is invalid or has expired.') if ($error_type eq 'session');
|
| 133 |
133 |
$::form->{error} = $::locale->text('Incorrect password!') if ($error_type eq 'password');
|
|
134 |
$::form->{error} = $::locale->text('The action is missing or invalid.') if ($error_type eq 'action');
|
| 134 |
135 |
|
| 135 |
136 |
return render_error_ajax($::form->{error}) if $::request->is_ajax;
|
| 136 |
137 |
|
| ... | ... | |
| 236 |
237 |
$::form->read_cgi_input;
|
| 237 |
238 |
|
| 238 |
239 |
my %routing;
|
| 239 |
|
eval { %routing = _route_request($ENV{SCRIPT_NAME}); 1; } or return;
|
|
240 |
eval { %routing = $self->_route_request($ENV{SCRIPT_NAME}); 1; } or return;
|
| 240 |
241 |
($routing_type, $script_name, $action) = @routing{qw(type controller action)};
|
| 241 |
242 |
$::lxdebug->log_request($routing_type, $script_name, $action);
|
| 242 |
243 |
|
| ... | ... | |
| 275 |
276 |
if ( (($script eq 'login') && !$action)
|
| 276 |
277 |
|| ($script eq 'admin')
|
| 277 |
278 |
|| (SL::Auth::SESSION_EXPIRED() == $session_result)) {
|
| 278 |
|
$self->redirect_to_login($script);
|
|
279 |
$self->redirect_to_login(script => $script, error => 'session');
|
| 279 |
280 |
|
| 280 |
281 |
}
|
| 281 |
282 |
|
| ... | ... | |
| 338 |
339 |
}
|
| 339 |
340 |
|
| 340 |
341 |
sub redirect_to_login {
|
| 341 |
|
my ($self, $script) = @_;
|
| 342 |
|
my $action = $script =~ m/^admin/i ? 'Admin/login' : 'LoginScreen/user_login&error=session';
|
|
342 |
my ($self, %params) = @_;
|
|
343 |
my $action = ($params{script} // '') =~ m/^admin/i ? 'Admin/login' : 'LoginScreen/user_login';
|
|
344 |
$action .= '&error=' . $params{error} if $params{error};
|
|
345 |
|
| 343 |
346 |
print $::request->cgi->redirect("controller.pl?action=${action}");
|
| 344 |
347 |
::end_of_request();
|
| 345 |
348 |
}
|
| ... | ... | |
| 362 |
365 |
}
|
| 363 |
366 |
|
| 364 |
367 |
sub _route_request {
|
| 365 |
|
my $script_name = shift;
|
|
368 |
my ($self, $script_name) = @_;
|
| 366 |
369 |
|
| 367 |
|
return $script_name =~ m/dispatcher\.pl$/ ? (type => 'old', _route_dispatcher_request())
|
| 368 |
|
: $script_name =~ m/controller\.pl/ ? (type => 'controller', _route_controller_request())
|
|
370 |
return $script_name =~ m/dispatcher\.pl$/ ? (type => 'old', $self->_route_dispatcher_request)
|
|
371 |
: $script_name =~ m/controller\.pl/ ? (type => 'controller', $self->_route_controller_request)
|
| 369 |
372 |
: (type => 'old', controller => $script_name, action => $::form->{action});
|
| 370 |
373 |
}
|
| 371 |
374 |
|
| 372 |
375 |
sub _route_dispatcher_request {
|
|
376 |
my ($self) = @_;
|
| 373 |
377 |
my $name_re = qr{[a-z]\w*};
|
| 374 |
378 |
my ($script_name, $action);
|
| 375 |
379 |
|
| ... | ... | |
| 400 |
404 |
}
|
| 401 |
405 |
|
| 402 |
406 |
sub _route_controller_request {
|
|
407 |
my ($self) = @_;
|
| 403 |
408 |
my ($controller, $action, $request_type);
|
| 404 |
409 |
|
| 405 |
410 |
eval {
|
|
411 |
# Redirect simple requests to controller.pl without any GET/POST
|
|
412 |
# param to the login page.
|
|
413 |
$self->redirect_to_login(error => 'action') if !$::form->{action};
|
|
414 |
|
|
415 |
# Show an error if the »action« parameter doesn't match the
|
|
416 |
# pattern »Controller/action«.
|
| 406 |
417 |
$::form->{action} =~ m|^ ( [A-Z] [A-Za-z0-9_]* ) / ( [a-z] [a-z0-9_]* ) ( \. [a-zA-Z]+ )? $|x || die "Unroutable request -- invalid controller/action.\n";
|
| 407 |
418 |
($controller, $action) = ($1, $2);
|
| 408 |
419 |
delete $::form->{action};
|
Dispatcher: Requests auf controller.pl ohne action auf Loginseite redirecten
Ist hilfreich, wenn man aus der Browserhistory einen Link wie
http://…/kivitendo/controller.pl aufruft. Bisher wurde nur eine böse
Fehlerseite angezeigt.