diff --git a/public/include/classes/user.class.php b/public/include/classes/user.class.php
index e28eaa9f..6dc7acdf 100644
--- a/public/include/classes/user.class.php
+++ b/public/include/classes/user.class.php
@@ -411,7 +411,7 @@ class User {
* @param none
* @return true
**/
- public function logoutUser($redirect="index.php") {
+ public function logoutUser($from="") {
$this->debug->append("STA " . __METHOD__, 4);
// Unset all of the session variables
$_SESSION = array();
@@ -424,8 +424,11 @@ class User {
session_destroy();
// Enforce generation of a new Session ID and delete the old
session_regenerate_id(true);
- // Enforce a page reload
- header("Location: $redirect");
+ // Enforce a page reload and point towards login with referrer included, if supplied
+ $location = @$_SERVER['HTTPS'] ? 'https' : 'http' . '://' . $_SERVER['SERVER_NAME'] . $_SERVER['PHP_SELF'];
+ if (!empty($from)) $location .= '?page=login&to=' . urlencode($from);
+ // if (!headers_sent()) header('Location: ' . $location, true, 307);
+ exit('');
}
/**
@@ -658,7 +661,7 @@ class User {
$this->getUserIp($_SESSION['USERDATA']['id']) == $_SERVER['REMOTE_ADDR']
) return true;
// Catchall
- if ($logout == true) $this->logoutUser();
+ if ($logout == true) $this->logoutUser($_SERVER['REQUEST_URI']);
return false;
}
}
diff --git a/public/include/pages/dashboard.inc.php b/public/include/pages/dashboard.inc.php
index a27e0d80..5ab39251 100644
--- a/public/include/pages/dashboard.inc.php
+++ b/public/include/pages/dashboard.inc.php
@@ -3,43 +3,46 @@
// Make sure we are called from index.php
if (!defined('SECURITY')) die('Hacking attempt');
-// Defaults to get rid of PHP Notice warnings
-$dDifficulty = 1;
-$aRoundShares = 1;
+if ($user->isAuthenticated()) {
+ // Defaults to get rid of PHP Notice warnings
+ $dDifficulty = 1;
+ $aRoundShares = 1;
-// Only run these if the user is logged in
-$aRoundShares = $statistics->getRoundShares();
-if ($bitcoin->can_connect() === true) {
- $dDifficulty = $bitcoin->query('getdifficulty');
- if (is_array($dDifficulty) && array_key_exists('proof-of-work', $dDifficulty))
- $dDifficulty = $dDifficulty['proof-of-work'];
-}
-
-// Always fetch this since we need for ministats header
-$aRoundShares = $statistics->getRoundShares();
-if ($bitcoin->can_connect() === true) {
+ // Only run these if the user is logged in
+ $aRoundShares = $statistics->getRoundShares();
+ if ($bitcoin->can_connect() === true) {
$dDifficulty = $bitcoin->query('getdifficulty');
- if (is_array($dDifficulty) && array_key_exists('proof-of-work', $dDifficulty))
- $dDifficulty = $dDifficulty['proof-of-work'];
- try { $dNetworkHashrate = $bitcoin->query('getnetworkhashps') / 1000; } catch (Exception $e) {
- // Maybe we are SHA
- try { $dNetworkHashrate = $bitcoin->query('gethashespersec') / 1000; } catch (Exception $e) {
- $dNetworkHashrate = 0;
- }
- $dNetworkHashrate = 0;
- }
-} else {
- $dNetworkHashrate = 0;
+ if (is_array($dDifficulty) && array_key_exists('proof-of-work', $dDifficulty))
+ $dDifficulty = $dDifficulty['proof-of-work'];
+ }
+
+ // Always fetch this since we need for ministats header
+ $aRoundShares = $statistics->getRoundShares();
+ if ($bitcoin->can_connect() === true) {
+ $dDifficulty = $bitcoin->query('getdifficulty');
+ if (is_array($dDifficulty) && array_key_exists('proof-of-work', $dDifficulty))
+ $dDifficulty = $dDifficulty['proof-of-work'];
+ try { $dNetworkHashrate = $bitcoin->query('getnetworkhashps') / 1000; } catch (Exception $e) {
+ // Maybe we are SHA
+ try { $dNetworkHashrate = $bitcoin->query('gethashespersec') / 1000; } catch (Exception $e) {
+ $dNetworkHashrate = 0;
+ }
+ $dNetworkHashrate = 0;
+ }
+ } else {
+ $dNetworkHashrate = 0;
+ }
+
+ // Fetch some data
+ if (!$iCurrentActiveWorkers = $worker->getCountAllActiveWorkers()) $iCurrentActiveWorkers = 0;
+ $iCurrentPoolHashrate = $statistics->getCurrentHashrate();
+ $iCurrentPoolShareRate = $statistics->getCurrentShareRate();
+
+ // Avoid confusion, ensure our nethash isn't higher than poolhash
+ if ($iCurrentPoolHashrate > $dNetworkHashrate) $dNetworkHashrate = $iCurrentPoolHashrate;
+
+ // Make it available in Smarty
+ $smarty->assign('CONTENT', 'default.tpl');
}
-// Fetch some data
-if (!$iCurrentActiveWorkers = $worker->getCountAllActiveWorkers()) $iCurrentActiveWorkers = 0;
-$iCurrentPoolHashrate = $statistics->getCurrentHashrate();
-$iCurrentPoolShareRate = $statistics->getCurrentShareRate();
-
-// Avoid confusion, ensure our nethash isn't higher than poolhash
-if ($iCurrentPoolHashrate > $dNetworkHashrate) $dNetworkHashrate = $iCurrentPoolHashrate;
-
-// Make it available in Smarty
-$smarty->assign('CONTENT', 'default.tpl');
?>
diff --git a/public/include/pages/login.inc.php b/public/include/pages/login.inc.php
index fb8b0b4c..4dcae2dc 100644
--- a/public/include/pages/login.inc.php
+++ b/public/include/pages/login.inc.php
@@ -6,7 +6,10 @@ if (!defined('SECURITY')) die('Hacking attempt');
if ($setting->getValue('maintenance') && !$user->isAdmin($user->getUserId($_POST['username']))) {
$_SESSION['POPUP'][] = array('CONTENT' => 'You are not allowed to login during maintenace.', 'TYPE' => 'info');
} else if ($user->checkLogin(@$_POST['username'], @$_POST['password']) ) {
- header('Location: index.php?page=home');
+ empty($_POST['to']) ? $to = $_SERVER['PHP_SELF'] : $to = $_POST['to'];
+ $location = @$_SERVER['HTTPS'] === true ? 'https' : 'http' . '://' . $_SERVER['SERVER_NAME'] . $to;
+ if (!headers_sent()) header('Location: ' . $location, true, 307);
+ exit('');
} else if (@$_POST['username'] && @$_POST['password']) {
$_SESSION['POPUP'][] = array('CONTENT' => 'Unable to login: '. $user->getError(), 'TYPE' => 'errormsg');
}
diff --git a/public/include/pages/logout.inc.php b/public/include/pages/logout.inc.php
index 8622fd8e..6a537c1d 100644
--- a/public/include/pages/logout.inc.php
+++ b/public/include/pages/logout.inc.php
@@ -7,5 +7,5 @@ if (!defined('SECURITY'))
// This probably (?) never fails
$user->logoutUser();
$smarty->assign("CONTENT", "default.tpl");
-header('Location: index.php?page=home');
+// header('Location: index.php?page=home');
?>
diff --git a/public/templates/test/dashboard/default.tpl b/public/templates/test/dashboard/default.tpl
index ab4f7224..bf0918a8 100644
--- a/public/templates/test/dashboard/default.tpl
+++ b/public/templates/test/dashboard/default.tpl
@@ -1,8 +1,6 @@
{if $smarty.session.AUTHENTICATED|default}
-{assign var=payout_system value=$GLOBAL.config.payout_system}
-{include file="dashboard/graph.tpl"}
-{include file="dashboard/default_$payout_system.tpl"}
-{include file="dashboard/gauges.tpl"}
-{else}
-{include file="login/default.tpl"}
+ {assign var=payout_system value=$GLOBAL.config.payout_system}
+ {include file="dashboard/graph.tpl"}
+ {include file="dashboard/default_$payout_system.tpl"}
+ {include file="dashboard/gauges.tpl"}
{/if}
diff --git a/public/templates/test/login/default.tpl b/public/templates/test/login/default.tpl
index 1e15b4b5..b10d4106 100644
--- a/public/templates/test/login/default.tpl
+++ b/public/templates/test/login/default.tpl
@@ -1,21 +1,22 @@