
https://github.com/openNAMU/openNAMU/issues/2422

잉여개발기 hai 2 meses
pai
achega
a73347db55
Modificáronse 3 ficheiros con 30 adicións e 16 borrados
  1. 20 13
      route/login_login.py
  2. 8 1
      route/login_logout.py
  3. 2 2
      views/ringo/index.html

+ 20 - 13
route/login_login.py

@@ -10,6 +10,10 @@ async def login_login():
 
         if (await ban_check(None, 'login'))[0] == 1:
             return await re_error(conn, 0)
+        
+        return_url = flask.request.args.get('return', '')
+        if not return_url.startswith('/') or return_url.startswith('//') or '\\' in return_url:
+            return_url = ''
 
         if flask.request.method == 'POST':
             if await captcha_post(conn, flask.request.form.get('g-recaptcha-response', flask.request.form.get('g-recaptcha', ''))) == 1:
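Review bot: The new `return_url` check rejects `//` and backslashes but lets ASCII control characters through, and browsers discard tab and newline characters while parsing a URL, so a value that passes `startswith('/')` may still be read as scheme-relative. Whether such a value reaches the `Location` header unchanged depends on the project's `redirect()` helper, which is not visible here, so it is safer to reject it at the source: `if not return_url.startswith('/') or return_url.startswith('//') or '\\' in return_url or any(ord(c) < 0x20 for c in return_url):`. The same condition is repeated in `route/login_logout.py` and needs the same change. The body of `login_login` starts and continues outside this hunk.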
@@ -47,23 +51,26 @@ async def login_login():
 
                 ua_plus(conn, user_id, ip, user_agent, get_time())
 
-                return redirect(conn, '/user')
+                if return_url != '':
+                    return redirect(conn, return_url)
+                else:
+                    return redirect(conn, '/user')
         else:
             return await render_template(
                 await get_lang('login'),
                 '''
-                        <form method="post">
-                            <input class="__ON_INPUT__" placeholder="''' + await get_lang('id') + '''" name="id" type="text">
-                            <hr class="main_hr">
-                            <input class="__ON_INPUT__" placeholder="''' + await get_lang('password') + '''" name="pw" type="password">
-                            <hr class="main_hr">
-                            <!-- <label class="__ON_CHECKLABEL__"><input class="__ON_CHECKBOX__" type="checkbox" name="auto_login"> ''' + await get_lang('auto_login') + ''' (''' + await get_lang('not_working') + ''')</label>
-                            <hr class="main_hr"> -->
-                            ''' + await captcha_get(conn) + '''
-                            <button class="__ON_BUTTON__" type="submit">''' + await get_lang('login') + '''</button>
-                            ''' + await http_warning() + '''
-                        </form>
-                        ''',
+                <form method="post">
+                    <input class="__ON_INPUT__" placeholder="''' + await get_lang('id') + '''" name="id" type="text">
+                    <hr class="main_hr">
+                    <input class="__ON_INPUT__" placeholder="''' + await get_lang('password') + '''" name="pw" type="password">
+                    <hr class="main_hr">
+                    <!-- <label class="__ON_CHECKLABEL__"><input class="__ON_CHECKBOX__" type="checkbox" name="auto_login"> ''' + await get_lang('auto_login') + ''' (''' + await get_lang('not_working') + ''')</label>
+                    <hr class="main_hr"> -->
+                    ''' + await captcha_get(conn) + '''
+                    <button class="__ON_BUTTON__" type="submit">''' + await get_lang('login') + '''</button>
+                    ''' + await http_warning() + '''
+                </form>
+                ''',
                 0,
                 [['user', await get_lang('return')]]
             )
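Review bot: The four-line `if return_url != '': ... else: ...` after `ua_plus(...)` can be one statement, `return redirect(conn, return_url or '/user')`, because `return_url` is always a string here and the empty string is its only falsy value. The same shape is added at the end of `login_logout` and can be collapsed the same way. The remaining changed lines in this hunk only re-indent the template literal. `login_login` starts outside the hunk, so any other exit path that still redirects to `/user` cannot be checked from here.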

+ 8 - 1
route/login_logout.py

@@ -2,7 +2,14 @@ from .tool.func import *
 
 async def login_logout():
     with get_db_connect() as conn:
+        return_url = flask.request.args.get('return', '')
+        if not return_url.startswith('/') or return_url.startswith('//') or '\\' in return_url:
+            return_url = ''
+
         flask.session.pop('state', None)
         flask.session.pop('id', None)
 
-        return redirect(conn, '/user')
+        if return_url != '':
+            return redirect(conn, return_url)
+        else:
+            return redirect(conn, '/user')
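Review bot: The three lines that filter `return_url` are a verbatim copy of the ones added to `login_login`, so any later tightening of the open-redirect check has to be made in two places and can drift apart. This module already does `from .tool.func import *`, so the check would fit as a single helper there (the name is illustrative, e.g. `safe_return_url(value)`), called from both routes. A short comment on it, such as `# accept only same-site paths: one leading '/', no '//' and no backslash`, would record why the value is filtered.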

+ 2 - 2
views/ringo/index.html

@@ -130,12 +130,12 @@
                                 <span class="iconify" data-icon="ic:twotone-stars" data-inline="true"></span>
                                 {{'star_doc'|load_lang}}
                             </a>
-                            <a href="/logout">
+                            <a href="/logout?return={{user_path}}">
                                 <span class="iconify" data-icon="ic:baseline-logout" data-inline="true"></span>
                                 {{'logout'|load_lang}}
                             </a>
                         {% else %}
-                            <a href="/login">
+                            <a href="/login?return={{user_path}}">
                                 <span class="iconify" data-icon="ic:baseline-login" data-inline="true"></span>
                                 {{'login'|load_lang}}
                             </a>
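Review bot: `{{user_path}}` is placed into the query string of both `href` values without URL-encoding, so a path containing `?`, `&`, `#` or `+` would be cut short or split into extra parameters when `/login` and `/logout` read `return`. HTML autoescaping, if it is enabled for this template, does not cover that; Jinja's built-in `urlencode` filter does: `<a href="/logout?return={{user_path|urlencode}}">` and `<a href="/login?return={{user_path|urlencode}}">`. How `user_path` is populated is not visible in this hunk, so confirm it is always a site-relative path beginning with `/`. Otherwise the server-side check discards it and the user lands on `/user`.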