Allow accessing the LoginForm when logged in
authorTim Düsterhus <duesterhus@woltlab.com>
Thu, 23 Aug 2018 13:51:45 +0000 (15:51 +0200)
committerTim Düsterhus <duesterhus@woltlab.com>
Thu, 23 Aug 2018 13:53:02 +0000 (15:53 +0200)
Instead of sending a 403, the redirect to the given URL or the homepage
is performed.

Closes #2675

wcfsetup/install/files/lib/acp/form/LoginForm.class.php
wcfsetup/install/files/lib/form/LoginForm.class.php

index fa8ea7d8bdc1e9158c0aa5bdfe3787ba4bbb9743..e1f5e6be82cecf61b599a025e07958625638deef 100755 (executable)
@@ -62,10 +62,6 @@ class LoginForm extends AbstractCaptchaForm {
        public function readParameters() {
                parent::readParameters();
                
-               if (WCF::getUser()->userID) {
-                       throw new PermissionDeniedException();
-               }
-               
                if (!empty($_REQUEST['url'])) {
                        $this->url = StringUtil::trim($_REQUEST['url']);
                        
@@ -75,6 +71,11 @@ class LoginForm extends AbstractCaptchaForm {
                        }
                }
                
+               if (WCF::getUser()->userID) {
+                       // User is already logged in
+                       $this->performRedirect();
+               }
+               
                // check authentication failures
                if (ENABLE_USER_AUTHENTICATION_FAILURE) {
                        $failures = UserAuthenticationFailure::countIPFailures(UserUtil::getIpAddress());
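Review bot: With the added `if (WCF::getUser()->userID)` branch, an already-authenticated user is sent to `$this->url` on a plain request, so the value read from `$_REQUEST['url']` reaches `HeaderUtil::redirect()` with no credential step in between. The validation of that value sits in the lines between the two hunks and is not visible here. It should be confirmed that it empties `$this->url` for any target outside the installation's own applications, otherwise a link to the login form can act as an open redirect. A comment at the call would record the dependency, e.g. `// $this->url was validated as an internal URL above`. readParameters() starts and ends outside these hunks.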
@@ -203,6 +204,13 @@ class LoginForm extends AbstractCaptchaForm {
                WCF::getSession()->changeUser($this->user);
                $this->saved();
                
+               $this->performRedirect();
+       }
+       
+       /**
+        * Performs the redirect after successful authentication.
+        */
+       protected function performRedirect() {
                if (!empty($this->url)) {
                        HeaderUtil::redirect($this->url);
                }
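Review bot: The docblock on `performRedirect()` says the redirect happens after successful authentication, but the method is now also called from `readParameters()` for a user who is already logged in. Suggest `Redirects to the requested URL; called after a successful login and for users who are already logged in.` The method body continues outside the hunk, so what happens when `$this->url` is empty is not visible here and should be described in the docblock as well. Unlike the frontend override, no check is visible here that keeps `$this->url` from pointing back at the login form, which for a logged-in user would presumably loop.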
index f9420db2dd995609b24d884f8f758069cb4a4c28..e985c82b666058eeb668579ba292f2ff7e8ea8ca 100644 (file)
@@ -48,14 +48,12 @@ class LoginForm extends \wcf\acp\form\LoginForm {
                // change user
                WCF::getSession()->changeUser($this->user);
                
-               // get redirect url
-               $this->checkURL();
                $this->saved();
                
                // redirect to url
                WCF::getTPL()->assign('__hideUserMenu', true);
-               HeaderUtil::redirect($this->url);
-               exit;
+               
+               $this->performRedirect();
        }
        
        /**
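Review bot: The explicit `exit;` after the redirect is dropped here, so this method now relies on `performRedirect()` to end the request. Only the `HeaderUtil::redirect($this->url)` branch of the parent implementation is visible in this commit, and whether it terminates afterwards cannot be told from these lines. If it does not, any code after this call keeps running with the redirect header already set. Either keep `exit;` after `$this->performRedirect();` or state in the parent docblock that the method does not return. The enclosing method starts outside the hunk.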
@@ -73,14 +71,13 @@ class LoginForm extends \wcf\acp\form\LoginForm {
        }
        
        /**
-        * Sets the redirect url.
+        * @inheritDoc
         */
-       protected function checkURL() {
-               if (empty($this->url) || mb_stripos($this->url, '?Login/') !== false) {
+       protected function performRedirect() {
+               if (empty($this->url) || mb_stripos($this->url, '?login/') !== false || mb_stripos($this->url, '/login/') !== false) {
                        $this->url = LinkHandler::getInstance()->getLink();
                }
                
-               // drop index.php
-               $this->url = preg_replace('~index\.php~', '', $this->url);
+               parent::performRedirect();
        }
 }
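Review bot: `@inheritDoc` on the overriding `performRedirect()` hides the one thing it adds: it replaces an empty target, or one pointing at the login form, with the default link before delegating to the parent. A comment above the condition would keep that reason visible, e.g. `// never redirect back to the login form; an authenticated user would loop`. The test is a case-insensitive substring match, so any URL that merely contains `/login/` in its path or query string also falls back to the default link. That errs on the safe side but is worth a word in the docblock. The match is not a host check, so it does not replace the internal-URL validation done in `readParameters()`.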