[geeklog-devel] Redirect after login

Dirk Haun dirk at haun-online.de
Sat Nov 28 11:30:02 EST 2009


Tony Bibbs wrote:

>When you get to login.php be sure to grab referrer and take the back.

Hmm. We check the referrer only after the login has been confirmed. So
at this point, it would refer to the login page, not to the page before
that. So we could include the original referrer with the login data. How
easily could that be faked?

bye, Dirk


-- 
http://www.haun-online.de/
http://spam.tinyweb.net/




More information about the geeklog-devel mailing list