mirror of
https://github.com/silverstripe/silverstripe-framework
synced 2024-10-22 14:05:37 +02:00
API Removed 'BadLoginURL' session var from MemberLoginForm
It was never set in core, and is generally undocumented, hence just unnecessarily increases the security surface of this sensitive class.
This commit is contained in:
parent
b350ded87c
commit
18c9a95996
@ -138,16 +138,12 @@ JS
|
||||
|
||||
if($backURL) Session::set('BackURL', $backURL);
|
||||
|
||||
if($badLoginURL = Session::get("BadLoginURL")) {
|
||||
$this->controller->redirect($badLoginURL);
|
||||
} else {
|
||||
// Show the right tab on failed login
|
||||
$loginLink = Director::absoluteURL($this->controller->Link('login'));
|
||||
if($backURL) $loginLink .= '?BackURL=' . urlencode($backURL);
|
||||
$this->controller->redirect($loginLink . '#' . $this->FormName() .'_tab');
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Login in the user and figure out where to redirect the browser.
|
||||
|
Loading…
Reference in New Issue
Block a user