assign a local $login_request variable in login.php; if there is no a…

…dministrator session and this variable does not exist, redirect to the login page.
osCommerce · Sep 10, 2009 · 8a9dd05 · 8a9dd05
1 parent c3a8407
commit 8a9dd05
Show file tree

Hide file tree

Showing 2 changed files with 6 additions and 0 deletions.
diff --git a/catalog/admin/includes/application_top.php b/catalog/admin/includes/application_top.php
@@ -161,6 +161,10 @@
       $redirect = true;
     }
 
+    if (!isset($login_request) || isset($HTTP_GET_VARS['login_request']) || isset($HTTP_POST_VARS['login_request']) || isset($HTTP_COOKIE_VARS['login_request']) || isset($HTTP_SESSION_VARS['login_request']) || isset($HTTP_POST_FILES['login_request']) || isset($HTTP_SERVER_VARS['login_request'])) {
+      $redirect = true;
+    }
+
     if ($redirect == true) {
       tep_redirect(tep_href_link(FILENAME_LOGIN, (isset($redirect_origin['auth_user']) ? 'action=process' : '')));
     }

diff --git a/catalog/admin/login.php b/catalog/admin/login.php
@@ -10,6 +10,8 @@
   Released under the GNU General Public License
 */
 
+  $login_request = true;
+
   require('includes/application_top.php');
   require('includes/functions/password_funcs.php');