From 5647b2de9bae671538ba3a316eee7edd3564bf1e Mon Sep 17 00:00:00 2001
From: Eirik Th S <eirik@flowtivity.io>
Date: Sat, 15 May 2021 00:47:23 +0200
Subject: [PATCH] Improved where user is sent after login

---
 login.php        | 14 +++++++++-----
 webdata/init.php |  6 ++++--
 2 files changed, 13 insertions(+), 7 deletions(-)

diff --git a/login.php b/login.php
index 6330dac..d9b4460 100644
--- a/login.php
+++ b/login.php
@@ -2,15 +2,21 @@
 require 'webdata/init.php';
 
 $returnToPage = "./";
-if(isset($_POST['referrerPage'])){
+if(isset($_GET['return'])){
+    $returnToPage = $_GET['return'];
+}
+elseif(isset($_POST['referrerPage'])){
     $returnToPage = $_POST['referrerPage'];
 }
-else if(isset($_SERVER['HTTP_REFERER'])){
-    $returnToPage = $_SERVER['HTTP_REFERER'];
+elseif(isset($_SERVER['HTTP_REFERER'])){
+    $returnToPage = explode($_SERVER['HTTP_HOST'], $_SERVER['HTTP_REFERER'])[1];
 }
 
+
 if(stristr($returnToPage, "login.php") || stristr($returnToPage, "register.php")){
     $returnToPage = "./";
+} else {
+    $returnToPage = str_ireplace('index.php', '', $returnToPage);
 }
 
 if( checkLogin() ){
@@ -40,8 +46,6 @@ if(isset($_POST) && !empty($_POST)){
     }
 }
 
-//echo PwdGen("Passord123", true);
-
 
 ?><!DOCTYPE html>
 <html lang="en">
diff --git a/webdata/init.php b/webdata/init.php
index a615057..a6c126d 100644
--- a/webdata/init.php
+++ b/webdata/init.php
@@ -172,8 +172,9 @@ function requireLogin(): bool{
         return true;
     }
 
-    $_SERVER['HTTP_REFERER'] = $_SERVER['PHP_SELF'];
-    header("Location: ".$config["general"]["projectRoot"]."/login.php");
+    $_SESSION['loginRef'] = $_SERVER['PHP_SELF'];
+
+    header("Location: ".$config["general"]["projectRoot"]."/login.php?return=".str_ireplace('index.php', '', $_SERVER['PHP_SELF']));
     return false;
 }
 
@@ -182,6 +183,7 @@ function checkLoginSimple(): bool {
 
     if(!isset($_SESSION)){
         session_start();
+        $_SERVER['HTTP_REFERER'] = "";
     }
 
     if(isset($_SESSION['user_id'])){