Upcoming feature to continue from forbidden requests.
if ($user = login($_POST['login'], $_POST['pass'])) {
setcookie('login', $user['auth'], 0, '/');
if ($user = login($_POST['login'], $_POST['pass'])) {
setcookie('login', $user['auth'], 0, '/');
- header("Location: /"); //TODO: goto
+ $target = ltrim(@$_GET['goto'], '/');
+ header("Location: /$target");
http_response_code(302);
exit;
}
http_response_code(302);
exit;
}