Revision 75f69249
Von Moritz Bunkus vor mehr als 13 Jahren hinzugefügt
SL/Dispatcher.pm | ||
---|---|---|
164 | 164 |
$::form = Form->new; |
165 | 165 |
%::called_subs = (); |
166 | 166 |
|
167 |
my $session_result = $::auth->restore_session; |
|
168 |
$::auth->create_or_refresh_session; |
|
169 |
|
|
170 |
$::form->read_cgi_input; |
|
171 |
|
|
167 | 172 |
eval { ($routing_type, $script_name, $action) = _route_request($script_name); 1; } or return; |
168 | 173 |
|
169 | 174 |
if ($routing_type eq 'old') { |
... | ... | |
183 | 188 |
eval { |
184 | 189 |
pre_request_checks(); |
185 | 190 |
|
186 |
my $session_result = $::auth->restore_session; |
|
187 |
$::auth->create_or_refresh_session; |
|
188 |
|
|
189 | 191 |
$::form->error($::locale->text('System currently down for maintenance!')) if -e ($::lx_office_conf{paths}->{userspath} . "/nologin") && $script ne 'admin'; |
190 | 192 |
|
191 | 193 |
if ($script eq 'login' or $script eq 'admin') { |
SL/Form.pm | ||
---|---|---|
258 | 258 |
|
259 | 259 |
bless $self, $type; |
260 | 260 |
|
261 |
$main::lxdebug->leave_sub(); |
|
262 |
|
|
263 |
return $self; |
|
264 |
} |
|
265 |
|
|
266 |
sub read_cgi_input { |
|
267 |
$main::lxdebug->enter_sub(); |
|
268 |
|
|
269 |
my ($self) = @_; |
|
270 |
|
|
261 | 271 |
$self->_input_to_hash($ENV{QUERY_STRING}) if $ENV{QUERY_STRING}; |
262 | 272 |
$self->_input_to_hash($ARGV[0]) if @ARGV && $ARGV[0]; |
263 | 273 |
|
... | ... | |
268 | 278 |
$uploads = $self->_request_to_hash($content); |
269 | 279 |
} |
270 | 280 |
|
281 |
if ($self->{RESTORE_FORM_FROM_SESSION_ID}) { |
|
282 |
my %temp_form; |
|
283 |
$::auth->restore_form_from_session(delete $self->{RESTORE_FORM_FROM_SESSION_ID}, form => \%temp_form); |
|
284 |
$self->_input_to_hash(join '&', map { $self->escape($_) . '=' . $self->escape($temp_form{$_}) } keys %temp_form); |
|
285 |
} |
|
286 |
|
|
271 | 287 |
my $db_charset = $::lx_office_conf{system}->{dbcharset}; |
272 | 288 |
$db_charset ||= Common::DEFAULT_CHARSET; |
273 | 289 |
|
... | ... | |
994 | 1010 |
return $jsscript; |
995 | 1011 |
} #end sub write_trigger |
996 | 1012 |
|
1013 |
sub _store_redirect_info_in_session { |
|
1014 |
my ($self) = @_; |
|
1015 |
|
|
1016 |
return unless $self->{callback} =~ m:^ ( [^\?/]+ \.pl ) \? (.+) :x; |
|
1017 |
|
|
1018 |
my ($controller, $params) = ($1, $2); |
|
1019 |
my $form = { map { map { $self->unescape($_) } split /=/, $_, 2 } split m/\&/, $params }; |
|
1020 |
$self->{callback} = "${controller}?RESTORE_FORM_FROM_SESSION_ID=" . $::auth->save_form_in_session(form => $form); |
|
1021 |
} |
|
1022 |
|
|
997 | 1023 |
sub redirect { |
998 | 1024 |
$main::lxdebug->enter_sub(); |
999 | 1025 |
|
... | ... | |
1003 | 1029 |
$self->info($msg); |
1004 | 1030 |
|
1005 | 1031 |
} else { |
1032 |
$self->_store_redirect_info_in_session; |
|
1006 | 1033 |
print $::form->redirect_header($self->{callback}); |
1007 | 1034 |
} |
1008 | 1035 |
|
Auch abrufbar als: Unified diff
Keine großen GET-Requests via HTTP-Redirect erfordern
Bugfix für 1609.