diff options
Diffstat (limited to 'include')
-rw-r--r-- | include/security.php | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/include/security.php b/include/security.php index 2ccfc6973..0f2edc708 100644 --- a/include/security.php +++ b/include/security.php @@ -46,6 +46,12 @@ function authenticate_success($user_record, $login_initial = false, $interactive if(($a->module !== 'home') && x($_SESSION,'login_return_url') && strlen($_SESSION['login_return_url'])) { $return_url = $_SESSION['login_return_url']; + + // don't let members get redirected to a raw ajax page update - this can happen + // if DHCP changes the IP address at an unfortunate time and paranoia is turned on + if(strstr($return_url,'update_')) + $return_url = ''; + unset($_SESSION['login_return_url']); goaway($a->get_baseurl() . '/' . $return_url); } |