[geeklog-devel] Redirect after login
dirk at haun-online.de
Sat Nov 28 11:30:02 EST 2009
Tony Bibbs wrote:
>When you get to login.php be sure to grab referrer and take the back.
Hmm. We check the referrer only after the login has been confirmed. So
at this point, it would refer to the login page, not to the page before
that. So we could include the original referrer with the login data. How
easily could that be faked?
More information about the geeklog-devel