Login.login 1.8.1: Can redirectToPrior=`1` be overrriden in certain cases or is this a bug?

34 Posts

pcamelo Reply #1, 11 years, 2 months ago

Hello, first time poster here,

I'm starting to use Login 1.8.1 at my MODX Revolution 2.2.6 site. I have it working correctly, and have set redirectToPrior=`1` which works great to let the user return to the previous view and let him see different options after he/she has logged in (I'm also using Personalize 3.4.0). Just now, I noticed something curious: Suppose that an unidentified user is in my homepage and then clicks on the log in link. He goes to the log in page and enters his info, but he fails to enter his password correctly and the page asks for his information again. This time he succeeds, but redirectToPrior=`1` redirects him to the login page again since, technically, that's where he was previously, instead of my home page.

I know that, strictly speaking, this is how it should work, but is there a simple way to make the login snippet redirect to the page that called the login page and not the login page itself when this happens? (not sure if I should call this a bug)

Or should I just get creative with the logout template so that the login page shows a link to home or something similar when a logged in user reaches it? (not too elegant a solution, I think)

Thanks in advance for your time.

This question has been answered by multiple community members. See the first response.

24,544 Posts

BobRay Reply #2, 11 years, 2 months ago

The only way around that that I can think of is to rewrite the Login snippet to write the referer to a $_SESSION variable if the referer is not the Login page. Then change the forwarding code so that if the Login succeeds and the current referer is the Login page, it redirects to the one in the $_SESSION variable.

Did I help you? Buy me a beer
Get my Book: MODX:The Official Guide
MODX info for everyone: http://bobsguides.com/modx.html
My MODX Extras
Bob's Guides is now hosted at A2 MODX Hosting

34 Posts

pcamelo Reply #3, 11 years, 2 months ago

Quote from: BobRay at Mar 15, 2013, 01:35 AM

The only way around that that I can think of is to rewrite the Login snippet to write the referer to a $_SESSION variable if the referer is not the Login page. Then change the forwarding code so that if the Login succeeds and the current referer is the Login page, it redirects to the one in the $_SESSION variable.

Thank you very much for your answer! That sounds good. I really didn't want to touch the snippet code in order to not to 'invalidate the warranty', so to speak, but this sounds simple enough and certainly will help me in dealing with this issue.

Thanks again!

24,544 Posts

BobRay Reply #4, 11 years, 2 months ago

Don't thank me until it works. wink

Don't forget to make a second copy of the file once you've altered it so you can find your changes and restore them if you forget and update the login package.

The Login code is notoriously labyrinthine. I'm not sure, but I think the part you want is in core/components/login/controllers/web/login.php at line 94, rather than in the snippet itself.

Did I help you? Buy me a beer
Get my Book: MODX:The Official Guide
MODX info for everyone: http://bobsguides.com/modx.html
My MODX Extras
Bob's Guides is now hosted at A2 MODX Hosting

34 Posts

pcamelo Reply #5, 11 years, 2 months ago

Quote from: BobRay at Mar 16, 2013, 04:59 AM

The Login code is notoriously labyrinthine. I'm not sure, but I think the part you want is in core/components/login/controllers/web/login.php at line 94, rather than in the snippet itself.

Hmm... It's taking me a little bit longer than I expected, mainly because I don't want to mess too much with what is already there without knowing exactly what it does. But I was thinking, maybe I can use the same idea without getting too much low-end by using hooks? Maybe with one pre-hook checking for the referrer and saving it in a $_SESSION variable if it is different from the login page? Then when the user is successfully authenticated, a post-hook would check if we jumped to the login page and perform a second jump to the previously saved page.

I haven't used hooks before but this doesn't sound too far-fetched. And this way I don't have to worry about my code getting erased after an update.

What do you think? =)

24,544 Posts

BobRay Reply #6, 11 years, 2 months ago

That's definitely worth a try. I thought of it but, for some reason, thought it wouldn't work. I can't remember why I thought that. wink

Did I help you? Buy me a beer
Get my Book: MODX:The Official Guide
MODX info for everyone: http://bobsguides.com/modx.html
My MODX Extras
Bob's Guides is now hosted at A2 MODX Hosting

discuss.answer

34 Posts

pcamelo Reply #7, 11 years, 1 month ago

Quote from: BobRay at Mar 17, 2013, 10:34 PM

That's definitely worth a try. I thought of it but, for some reason, thought it wouldn't work. I can't remember why I thought that.

Sorry for delaying so much in replying to this thread. I had to solve some unrelated issues that took most of my week.

I tried to do what I had said in my previous post and created a PreHook that read the $_SERVER['HTTP_REFERER'] variable and stored it in a session variable of my own: $_SESSION['CallingPage'], like so:

$_SESSION['CallingPage'] = $_SERVER['HTTP_REFERER'];

In order to read the value and check if it was correct first, I created a snippet and placed it in my members page (which in this example is accessible after logging in and then clicking on another link to ensure that my referer has changed) to read the session variable and display it with a placeholder:

$modx -> setPlaceholder('thepage', $_SESSION['CallingPage']);

For some reason, I was always getting this value: http://www.<mysite>.com/index.php?id=1

But id=1 is my login page, not its referer.

I thought this was because the form had already been processed and maybe the HTTP_REFERER value had already changed, so instead of running my snippet as a PreHook, I renamed it 'SaveReferer' and loaded it as a separate snippet in my login page and placed it before the login snippet:

[[!SaveReferer?]]
[[!Login? &loginTpl=`lgnLoginTpl` &logoutTpl=`lgnLogoutTpl` &errTpl=`lgnErrTpl` &logoutResourceId=`5` &redirectToPrior=`1`]]

But after doing that, I'm still getting the referer page as: ...index.php?id=1

Is there something in ModX logic that I'm missing, or should I look for another variable instead of HTTP_REFERER? (I know Login must save that value somewhere else too before processing the form, but I don't know where that is).

Thanks in advance!

24,544 Posts

BobRay Reply #8, 11 years, 1 month ago

Are you reaching the Login page by following a link to it? If you just preview it from the Manager or type in its URL, the referer won't be set correctly.

Also, are you testing for a resubmission or the $_SESSION variable already being set in your preHook? In those cases the $_SESSION variable shouldn't be set. Otherwise, it will get overwritten when the form is submitted.

Did I help you? Buy me a beer
Get my Book: MODX:The Official Guide
MODX info for everyone: http://bobsguides.com/modx.html
My MODX Extras
Bob's Guides is now hosted at A2 MODX Hosting

34 Posts

pcamelo Reply #9, 11 years, 1 month ago

Quote from: BobRay at Mar 26, 2013, 05:56 AM

Are you reaching the Login page by following a link to it? If you just preview it from the Manager or type in its URL, the referer won't be set correctly.

For my tests, I always start from my homepage, which has an id of 10. From there I click a link to the login page (which has an id=1), so in theory it should be set correctly, right?

Quote from: BobRay at Mar 26, 2013, 05:56 AM

Also, are you testing for a resubmission or the $_SESSION variable already being set in your preHook? In those cases the $_SESSION variable shouldn't be set. Otherwise, it will get overwritten when the form is submitted.

I have completely removed the call to the preHook in the Login parameters. My $_SESSION variable is only being set in my snippet called 'SaveReferer' which I call from the login page before calling the Login snippet. Here's how the content of my Login page looks now:

[[!SaveReferer?]]
[[!Login? &loginTpl=`lgnLoginTpl` &logoutTpl=`lgnLogoutTpl` &errTpl=`lgnErrTpl` &logoutResourceId=`5` &redirectToPrior=`1`]]

But I'm still getting the same result. Was that what you were referring to or did I misunderstood?

discuss.answer

24,544 Posts

BobRay Reply #10, 11 years, 1 month ago

The Login page is a form that submits to itself, so when you click on the Login button, SaveReferer will execute again with (I think) the Login page as the referer.

If you put the SaveReferer tag below the Login tag, it should only execute once, but it should also make sure not to set the $_SESSION variable if it's already set (in case the user enters the wrong info and the page reloads).

Did I help you? Buy me a beer
Get my Book: MODX:The Official Guide
MODX info for everyone: http://bobsguides.com/modx.html
My MODX Extras
Bob's Guides is now hosted at A2 MODX Hosting

Answered Login.login 1.8.1: Can redirectToPrior=`1` be overrriden in certain cases or is this a bug?