mirror of
https://github.com/silverstripe/silverstripe-framework
synced 2024-10-22 14:05:37 +02:00
API Removed 'BadLoginURL' session var from MemberLoginForm
It was never set in core, and is generally undocumented, hence just unnecessarily increases the security surface of this sensitive class.
This commit is contained in:
parent
b350ded87c
commit
18c9a95996
@ -138,14 +138,10 @@ JS
|
||||
|
||||
if($backURL) Session::set('BackURL', $backURL);
|
||||
|
||||
if($badLoginURL = Session::get("BadLoginURL")) {
|
||||
$this->controller->redirect($badLoginURL);
|
||||
} else {
|
||||
// Show the right tab on failed login
|
||||
$loginLink = Director::absoluteURL($this->controller->Link('login'));
|
||||
if($backURL) $loginLink .= '?BackURL=' . urlencode($backURL);
|
||||
$this->controller->redirect($loginLink . '#' . $this->FormName() .'_tab');
|
||||
}
|
||||
// Show the right tab on failed login
|
||||
$loginLink = Director::absoluteURL($this->controller->Link('login'));
|
||||
if($backURL) $loginLink .= '?BackURL=' . urlencode($backURL);
|
||||
$this->controller->redirect($loginLink . '#' . $this->FormName() .'_tab');
|
||||
}
|
||||
}
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user