login: forward redirect parameters on post form

Copy as explicit post field since get parameters are stripped since commit
v3.5-30-g1a94d9191a (2018-08-11) [strip logout parameter on form post].

Reported-by: Ben van Vianen

diff --git a/login/form.inc.php b/login/form.inc.php
index c3913fbd319ca501ff927a30ccd279bc9d152db9..7e78f8201cd988d55674e004b88944c94f8a8930 100644 (file)
--- a/login/form.inc.php
+++ b/login/form.inc.php
@@ -1,6 +1,7 @@
 <h2>Inloggen</h2>
 
 <form action="?" method="post">
+       <input type="hidden" name="goto" value="<?php print htmlspecialchars(@$_REQUEST['goto']); ?>" />
        <input id="login" name="login" placeholder="Gebruikersnaam" value="<?php
                if (isset($_POST['login'])) print htmlspecialchars($_POST['login']);
        ?>" />

diff --git a/login/index.php b/login/index.php
index 86af0744a4587ea1d9aeab162384a34cb5371641..8b4c223914bf31d8befcf26a814d75ca7db80e2c 100644 (file)
--- a/login/index.php
+++ b/login/index.php
@@ -42,9 +42,9 @@ if (empty($User)) {
        return TRUE;
 }
 
-if (isset($_GET['goto'])) {
+if (isset($_REQUEST['goto'])) {
        ob_clean();
-       $target = ltrim($_GET['goto'], '/');
+       $target = ltrim($_REQUEST['goto'], '/');
        header("Location: /$target");
        http_response_code(302);
        exit;