From 148310e5fc78e69f6bde3683855009dc3d8d485b Mon Sep 17 00:00:00 2001 From: Evan Prodromou Date: Sat, 28 Mar 2009 17:36:39 -0400 Subject: welcome notice, default sub for new users --- lib/common.php | 3 +++ lib/noticelist.php | 1 + 2 files changed, 4 insertions(+) (limited to 'lib') diff --git a/lib/common.php b/lib/common.php index 1ca9e521b..caad705a4 100644 --- a/lib/common.php +++ b/lib/common.php @@ -151,6 +151,9 @@ $config = array('notify' => array()), 'inboxes' => array('enabled' => true), # on by default for new sites + 'newuser' => + array('subscribe' => null, + 'welcome' => null), ); $config['db'] = &PEAR::getStaticProperty('DB_DataObject','options'); diff --git a/lib/noticelist.php b/lib/noticelist.php index 8523f2e63..4182d8808 100644 --- a/lib/noticelist.php +++ b/lib/noticelist.php @@ -391,6 +391,7 @@ class NoticeListItem extends Widget case 'xmpp': case 'mail': case 'omb': + case 'system': case 'api': $this->out->element('dd', null, $source_name); break; -- cgit v1.2.3-54-g00ecf From 47b89aa2c3a3e07d6dc63cd5be1d558af8ece233 Mon Sep 17 00:00:00 2001 From: Evan Prodromou Date: Mon, 30 Mar 2009 15:05:50 -0400 Subject: Changes to router setup to make notice search RSS feed work Conflicts: lib/router.php --- lib/router.php | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) (limited to 'lib') diff --git a/lib/router.php b/lib/router.php index 135e07a0f..77794aaf7 100644 --- a/lib/router.php +++ b/lib/router.php @@ -136,10 +136,14 @@ class Router foreach (array('group', 'people', 'notice') as $s) { $m->connect('search/'.$s, array('action' => $s.'search')); - $m->connect('search/'.$s.'?q=:q', array('action' => $s.'search'), array('q' => '.+')); + $m->connect('search/'.$s.'?q=:q', array('action' => $s.'search'),array('q' => '.+')); } + // The second of these is needed to make the link work correctly + // when inserted into the page. The first is needed to match the + // route on the way in. Seems to be another Net_URL_Mapper bug to me. $m->connect('search/notice/rss', array('action' => 'noticesearchrss')); + $m->connect('search/notice/rss?q=:q', array('action' => 'noticesearchrss'),array('q' => '.+')); // notice -- cgit v1.2.3-54-g00ecf From e149f3d64b5c0a58b299fb607824a1cd515836a4 Mon Sep 17 00:00:00 2001 From: Evan Prodromou Date: Thu, 26 Mar 2009 15:03:59 -0400 Subject: Support SSL for some, all, or no pages Support SSL URLs either for all pages; no pages; or for sensitive pages accepting passwords, like login, registration, API, and others. --- README | 10 ++++++++++ config.php.sample | 10 ++++++++++ lib/common.php | 2 ++ lib/util.php | 31 ++++++++++++++++++++++++++----- 4 files changed, 48 insertions(+), 5 deletions(-) (limited to 'lib') diff --git a/README b/README index 73cb95367..70815c141 100644 --- a/README +++ b/README @@ -925,6 +925,16 @@ dupelimit: Time in which it's not OK for the same person to post the same notice; default = 60 seconds. logo: URL of an image file to use as the logo for the site. Overrides the logo in the theme, if any. +ssl: Whether to use SSL and https:// URLs for some or all pages. + Possible values are 'always' (use it for all pages), 'never' + (don't use it for any pages), or 'sometimes' (use it for + sensitive pages that include passwords like login and registration, + but not for regular pages). Default to 'never'. +sslserver: use an alternate server name for SSL URLs, like + 'secure.example.org'. You should be careful to set cookie + parameters correctly so that both the SSL server and the + "normal" server can access the session cookie and + preferably other cookies as well. db -- diff --git a/config.php.sample b/config.php.sample index 529e86f15..d62a54fe7 100644 --- a/config.php.sample +++ b/config.php.sample @@ -174,3 +174,13 @@ $config['sphinx']['port'] = 3312; #http://taguri.org/ Examples: #$config['integration']['taguri'] = 'example.net,2008'; #$config['integration']['taguri'] = 'admin@example.net,2009-03-09' + +#Don't use SSL +#$config['site']['ssl'] = 'never'; +#Use SSL only for sensitive pages (like login, password change) +#$config['site']['ssl'] = 'sometimes'; +#Use SSL for all pages +#$config['site']['ssl'] = 'always'; + +#Use a different hostname for SSL-encrypted pages +#$config['site']['sslserver'] = 'secure.example.org'; diff --git a/lib/common.php b/lib/common.php index caad705a4..c2037c3ad 100644 --- a/lib/common.php +++ b/lib/common.php @@ -87,6 +87,8 @@ $config = 'closed' => false, 'inviteonly' => false, 'private' => false, + 'ssl' => 'never', + 'sslserver' => null, 'dupelimit' => 60), # default for same person saying the same thing 'syslog' => array('appname' => 'laconica', # for syslog diff --git a/lib/util.php b/lib/util.php index ef73adc36..fdcae0aca 100644 --- a/lib/util.php +++ b/lib/util.php @@ -721,25 +721,46 @@ function common_relative_profile($sender, $nickname, $dt=null) function common_local_url($action, $args=null, $params=null, $fragment=null) { + static $sensitive = array('login', 'register', 'passwordsettings', + 'twittersettings', 'finishopenidlogin', + 'api'); + $r = Router::get(); $path = $r->build($action, $args, $params, $fragment); + $ssl = in_array($action, $sensitive); + if (common_config('site','fancy')) { - $url = common_path(mb_substr($path, 1)); + $url = common_path(mb_substr($path, 1), $ssl); } else { if (mb_strpos($path, '/index.php') === 0) { - $url = common_path(mb_substr($path, 1)); + $url = common_path(mb_substr($path, 1), $ssl); } else { - $url = common_path('index.php'.$path); + $url = common_path('index.php'.$path, $ssl); } } return $url; } -function common_path($relative) +function common_path($relative, $ssl=false) { $pathpart = (common_config('site', 'path')) ? common_config('site', 'path')."/" : ''; - return "http://".common_config('site', 'server').'/'.$pathpart.$relative; + + if (($ssl && (common_config('site', 'ssl') === 'sometimes')) + || common_config('site', 'ssl') === 'always') { + $proto = 'https'; + if (is_string(common_config('site', 'sslserver')) && + mb_strlen(common_config('site', 'sslserver')) > 0) { + $serverpart = common_config('site', 'sslserver'); + } else { + $serverpart = common_config('site', 'server'); + } + } else { + $proto = 'http'; + $serverpart = common_config('site', 'server'); + } + + return $proto.'://'.$serverpart.'/'.$pathpart.$relative; } function common_date_string($dt) -- cgit v1.2.3-54-g00ecf From 1fbf9a042e2e7ed1f67dfad9b7fe3b96019bd1a3 Mon Sep 17 00:00:00 2001 From: Evan Prodromou Date: Tue, 31 Mar 2009 10:09:11 -0400 Subject: give the correct root url when SSL enabled --- lib/openid.php | 2 +- lib/util.php | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) (limited to 'lib') diff --git a/lib/openid.php b/lib/openid.php index 3aa488b6d..f3769c6fc 100644 --- a/lib/openid.php +++ b/lib/openid.php @@ -160,7 +160,7 @@ function oid_authenticate($openid_url, $returnto, $immediate=false) $auth_request->addExtension($sreg_request); } - $trust_root = common_path(''); + $trust_root = common_root_url(true); $process_url = common_local_url($returnto); if ($auth_request->shouldSendRedirect()) { diff --git a/lib/util.php b/lib/util.php index fdcae0aca..98a3ae844 100644 --- a/lib/util.php +++ b/lib/util.php @@ -952,9 +952,9 @@ function common_profile_url($nickname) // Should make up a reasonable root URL -function common_root_url() +function common_root_url($ssl=false) { - return common_path(''); + return common_path('', $ssl); } // returns $bytes bytes of random data as a hexadecimal string -- cgit v1.2.3-54-g00ecf From b112b326402200c164fc5c9678d4aff656f7afd4 Mon Sep 17 00:00:00 2001 From: Sarven Capadisli Date: Wed, 1 Apr 2009 01:03:00 +0000 Subject: Selector to allow styles when a user is logged in. --- lib/action.php | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'lib') diff --git a/lib/action.php b/lib/action.php index f0baa062c..5d0d5b758 100644 --- a/lib/action.php +++ b/lib/action.php @@ -326,7 +326,9 @@ class Action extends HTMLOutputter // lawsuit */ function showBody() { - $this->elementStart('body', array('id' => $this->trimmed('action'))); + $this->elementStart('body', (common_current_user()) ? array('id' => $this->trimmed('action'), + 'class' => 'user_in') + : array('id' => $this->trimmed('action'))); $this->elementStart('div', array('id' => 'wrap')); if (Event::handle('StartShowHeader', array($this))) { $this->showHeader(); -- cgit v1.2.3-54-g00ecf From 783d292739886811ab41215c614940d24214358f Mon Sep 17 00:00:00 2001 From: Sarven Capadisli Date: Wed, 1 Apr 2009 01:03:00 +0000 Subject: Selector to allow styles when a user is logged in. --- lib/action.php | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'lib') diff --git a/lib/action.php b/lib/action.php index 975c2bfcb..f9f3c35d9 100644 --- a/lib/action.php +++ b/lib/action.php @@ -299,7 +299,9 @@ class Action extends HTMLOutputter // lawsuit */ function showBody() { - $this->elementStart('body', array('id' => $this->trimmed('action'))); + $this->elementStart('body', (common_current_user()) ? array('id' => $this->trimmed('action'), + 'class' => 'user_in') + : array('id' => $this->trimmed('action'))); $this->elementStart('div', array('id' => 'wrap')); if (Event::handle('StartShowHeader', array($this))) { $this->showHeader(); -- cgit v1.2.3-54-g00ecf From e7381493ad036e686f82f432066f00ff911ad5d5 Mon Sep 17 00:00:00 2001 From: CiaranG Date: Wed, 1 Apr 2009 18:11:02 +0100 Subject: Return redirect code correctly as HTTP status, not a header. Fixes ticket #1371 --- lib/util.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lib') diff --git a/lib/util.php b/lib/util.php index fdcae0aca..26f1ff179 100644 --- a/lib/util.php +++ b/lib/util.php @@ -850,7 +850,7 @@ function common_redirect($url, $code=307) 303 => "See Other", 307 => "Temporary Redirect"); - header("Status: ${code} $status[$code]"); + header('HTTP/1.1 '.$code.' '.$status[$code]); header("Location: $url"); $xo = new XMLOutputter(); -- cgit v1.2.3-54-g00ecf From c172cbafaa9ba17ff8ca5c6dd07741bd0de96871 Mon Sep 17 00:00:00 2001 From: Evan Prodromou Date: Wed, 1 Apr 2009 15:30:59 -0400 Subject: Try to do intelligent redirect codes After fixing the redirect code output, there are a lot of weirdnesses with e.g. form handling. Try to add explicit redirect codes where needed -- principly when handling a POST. --- actions/block.php | 11 ++++++----- actions/deletenotice.php | 2 +- actions/disfavor.php | 5 +++-- actions/editgroup.php | 3 +-- actions/favor.php | 7 ++++--- actions/finishaddopenid.php | 2 +- actions/finishopenidlogin.php | 5 +++-- actions/finishremotesubscribe.php | 3 ++- actions/joingroup.php | 3 ++- actions/leavegroup.php | 3 ++- actions/login.php | 2 +- actions/logout.php | 8 ++++---- actions/newgroup.php | 2 +- actions/nudge.php | 7 ++++--- actions/remotesubscribe.php | 4 ++-- actions/smssettings.php | 3 ++- actions/subedit.php | 3 ++- actions/subscribe.php | 3 ++- actions/tag.php | 4 +++- actions/tagother.php | 3 ++- actions/unblock.php | 5 +++-- actions/unsubscribe.php | 3 ++- lib/openid.php | 2 +- lib/settingsaction.php | 4 ++-- 24 files changed, 56 insertions(+), 41 deletions(-) (limited to 'lib') diff --git a/actions/block.php b/actions/block.php index e77b634c8..34f991dc6 100644 --- a/actions/block.php +++ b/actions/block.php @@ -93,7 +93,8 @@ class BlockAction extends Action if ($this->arg('no')) { $cur = common_current_user(); $other = Profile::staticGet('id', $this->arg('blockto')); - common_redirect(common_local_url('showstream', array('nickname' => $other->nickname))); + common_redirect(common_local_url('showstream', array('nickname' => $other->nickname)), + 303); } elseif ($this->arg('yes')) { $this->blockProfile(); } elseif ($this->arg('blockto')) { @@ -102,7 +103,6 @@ class BlockAction extends Action } } - function showContent() { $this->areYouSureForm(); } @@ -110,7 +110,7 @@ class BlockAction extends Action function title() { return _('Block user'); } - + function showNoticeForm() { // nop } @@ -178,10 +178,11 @@ class BlockAction extends Action } if ($action) { - common_redirect(common_local_url($action, $args)); + common_redirect(common_local_url($action, $args), 303); } else { common_redirect(common_local_url('subscriptions', - array('nickname' => $cur->nickname))); + array('nickname' => $cur->nickname)), + 303); } } } diff --git a/actions/deletenotice.php b/actions/deletenotice.php index 16e2df889..6c350b33a 100644 --- a/actions/deletenotice.php +++ b/actions/deletenotice.php @@ -141,6 +141,6 @@ class DeletenoticeAction extends DeleteAction $url = common_local_url('public'); } - common_redirect($url); + common_redirect($url, 303); } } diff --git a/actions/disfavor.php b/actions/disfavor.php index 90bab3cca..bc13b09da 100644 --- a/actions/disfavor.php +++ b/actions/disfavor.php @@ -49,7 +49,7 @@ class DisfavorAction extends Action { /** * Class handler. - * + * * @param array $args query arguments * * @return void @@ -100,7 +100,8 @@ class DisfavorAction extends Action $this->elementEnd('html'); } else { common_redirect(common_local_url('showfavorites', - array('nickname' => $user->nickname))); + array('nickname' => $user->nickname)), + 303); } } } diff --git a/actions/editgroup.php b/actions/editgroup.php index e7e79040a..39dad0465 100644 --- a/actions/editgroup.php +++ b/actions/editgroup.php @@ -166,7 +166,6 @@ class EditgroupAction extends Action return; } - $nickname = common_canonical_nickname($this->trimmed('nickname')); $fullname = $this->trimmed('fullname'); $homepage = $this->trimmed('homepage'); @@ -221,7 +220,7 @@ class EditgroupAction extends Action if ($this->group->nickname != $orig->nickname) { common_redirect(common_local_url('editgroup', array('nickname' => $nickname)), - 307); + 303); } else { $this->showForm(_('Options saved.')); } diff --git a/actions/favor.php b/actions/favor.php index 3940df688..3b7d979eb 100644 --- a/actions/favor.php +++ b/actions/favor.php @@ -52,7 +52,7 @@ class FavorAction extends Action { /** * Class handler. - * + * * @param array $args query arguments * * @return void @@ -100,13 +100,14 @@ class FavorAction extends Action $this->elementEnd('html'); } else { common_redirect(common_local_url('showfavorites', - array('nickname' => $user->nickname))); + array('nickname' => $user->nickname)), + 303); } } /** * Notifies a user when his notice is favorited. - * + * * @param class $notice favorited notice * @param class $user user declaring a favorite * diff --git a/actions/finishaddopenid.php b/actions/finishaddopenid.php index 8f10505cf..32bceecfd 100644 --- a/actions/finishaddopenid.php +++ b/actions/finishaddopenid.php @@ -139,7 +139,7 @@ class FinishaddopenidAction extends Action oid_set_last($display); - common_redirect(common_local_url('openidsettings')); + common_redirect(common_local_url('openidsettings'), 303); } } diff --git a/actions/finishopenidlogin.php b/actions/finishopenidlogin.php index 52d9be29c..952185742 100644 --- a/actions/finishopenidlogin.php +++ b/actions/finishopenidlogin.php @@ -271,7 +271,8 @@ class FinishopenidloginAction extends Action common_rememberme($user); } unset($_SESSION['openid_rememberme']); - common_redirect(common_local_url('showstream', array('nickname' => $user->nickname))); + common_redirect(common_local_url('showstream', array('nickname' => $user->nickname)), + 303); } function connectUser() @@ -324,7 +325,7 @@ class FinishopenidloginAction extends Action array('nickname' => $nickname)); } - common_redirect($url); + common_redirect($url, 303); } function bestNewNickname($display, $sreg) diff --git a/actions/finishremotesubscribe.php b/actions/finishremotesubscribe.php index eaf57c2d8..d54c29a60 100644 --- a/actions/finishremotesubscribe.php +++ b/actions/finishremotesubscribe.php @@ -230,7 +230,8 @@ class FinishremotesubscribeAction extends Action # show up close to the top of the page common_redirect(common_local_url('subscribers', array('nickname' => - $user->nickname))); + $user->nickname)), + 303); } function add_avatar($profile, $url) diff --git a/actions/joingroup.php b/actions/joingroup.php index eeea4a37b..a5d82ddc7 100644 --- a/actions/joingroup.php +++ b/actions/joingroup.php @@ -143,7 +143,8 @@ class JoingroupAction extends Action $this->elementEnd('html'); } else { common_redirect(common_local_url('groupmembers', array('nickname' => - $this->group->nickname))); + $this->group->nickname)), + 303); } } } \ No newline at end of file diff --git a/actions/leavegroup.php b/actions/leavegroup.php index eb30d0e50..215ccd901 100644 --- a/actions/leavegroup.php +++ b/actions/leavegroup.php @@ -147,7 +147,8 @@ class LeavegroupAction extends Action $this->elementEnd('html'); } else { common_redirect(common_local_url('groupmembers', array('nickname' => - $this->group->nickname))); + $this->group->nickname)), + 303); } } } diff --git a/actions/login.php b/actions/login.php index b049791fb..59c6b4874 100644 --- a/actions/login.php +++ b/actions/login.php @@ -138,7 +138,7 @@ class LoginAction extends Action $nickname)); } - common_redirect($url); + common_redirect($url, 303); } /** diff --git a/actions/logout.php b/actions/logout.php index 3977f90a0..b7681be38 100644 --- a/actions/logout.php +++ b/actions/logout.php @@ -46,10 +46,10 @@ require_once INSTALLDIR.'/lib/openid.php'; */ class LogoutAction extends Action { - + /** * This is read only. - * + * * @return boolean true */ function isReadOnly() @@ -59,7 +59,7 @@ class LogoutAction extends Action /** * Class handler. - * + * * @param array $args array of arguments * * @return nothing @@ -73,7 +73,7 @@ class LogoutAction extends Action common_set_user(null); common_real_login(false); // not logged in common_forgetme(); // don't log back in! - common_redirect(common_local_url('public')); + common_redirect(common_local_url('public'), 303); } } } diff --git a/actions/newgroup.php b/actions/newgroup.php index cbd8dfeec..67cd6b2f1 100644 --- a/actions/newgroup.php +++ b/actions/newgroup.php @@ -193,7 +193,7 @@ class NewgroupAction extends Action $group->query('COMMIT'); - common_redirect($group->homeUrl(), 307); + common_redirect($group->homeUrl(), 303); } function nicknameExists($nickname) diff --git a/actions/nudge.php b/actions/nudge.php index bc3d48478..b4e5e01dd 100644 --- a/actions/nudge.php +++ b/actions/nudge.php @@ -50,7 +50,7 @@ class NudgeAction extends Action { /** * Class handler. - * + * * @param array $args array of arguments * * @return nothing @@ -75,7 +75,7 @@ class NudgeAction extends Action // CSRF protection $token = $this->trimmed('token'); - + if (!$token || $token != common_session_token()) { $this->clientError(_('There was a problem with your session token. Try again, please.')); return; @@ -100,7 +100,8 @@ class NudgeAction extends Action } else { // display a confirmation to the user common_redirect(common_local_url('showstream', - array('nickname' => $other->nickname))); + array('nickname' => $other->nickname)), + 303); } } diff --git a/actions/remotesubscribe.php b/actions/remotesubscribe.php index af130f425..2e721a38b 100644 --- a/actions/remotesubscribe.php +++ b/actions/remotesubscribe.php @@ -99,7 +99,7 @@ class RemotesubscribeAction extends Action $this->elementStart('fieldset'); $this->element('legend', 'Subscribe to a remote user'); $this->hidden('token', common_session_token()); - + $this->elementStart('ul', 'form_data'); $this->elementStart('li'); $this->input('nickname', _('User nickname'), $this->nickname, @@ -407,7 +407,7 @@ class RemotesubscribeAction extends Action # Redirect to authorization service - common_redirect($req->to_url()); + common_redirect($req->to_url(), 303); return; } } diff --git a/actions/smssettings.php b/actions/smssettings.php index a5f75d266..922bab9a4 100644 --- a/actions/smssettings.php +++ b/actions/smssettings.php @@ -488,7 +488,8 @@ class SmssettingsAction extends ConnectSettingsAction } common_redirect(common_local_url('confirmaddress', - array('code' => $code))); + array('code' => $code)), + 303); } /** diff --git a/actions/subedit.php b/actions/subedit.php index 89081ffc7..8ca2d7914 100644 --- a/actions/subedit.php +++ b/actions/subedit.php @@ -85,7 +85,8 @@ class SubeditAction extends Action } common_redirect(common_local_url('subscriptions', - array('nickname' => $cur->nickname))); + array('nickname' => $cur->nickname)), + 303); } } } diff --git a/actions/subscribe.php b/actions/subscribe.php index f761992de..0bc522867 100644 --- a/actions/subscribe.php +++ b/actions/subscribe.php @@ -75,7 +75,8 @@ class SubscribeAction extends Action $this->elementEnd('html'); } else { common_redirect(common_local_url('subscriptions', array('nickname' => - $user->nickname))); + $user->nickname)), + 303); } } } diff --git a/actions/tag.php b/actions/tag.php index 231f2c299..d15f64498 100644 --- a/actions/tag.php +++ b/actions/tag.php @@ -33,7 +33,9 @@ class TagAction extends Action } if ($this->tag != $taginput) { - common_redirect(common_local_url('tag', array('tag' => $this->tag))); + common_redirect(common_local_url('tag', array('tag' => $this->tag)), + 301); + return false; } $this->page = ($this->arg('page')) ? ($this->arg('page')+0) : 1; diff --git a/actions/tagother.php b/actions/tagother.php index 0d18945a0..0c5bb7cf3 100644 --- a/actions/tagother.php +++ b/actions/tagother.php @@ -221,7 +221,8 @@ class TagotherAction extends Action $this->elementEnd('html'); } else { common_redirect(common_local_url($action, array('nickname' => - $user->nickname))); + $user->nickname)), + 303); } } diff --git a/actions/unblock.php b/actions/unblock.php index bad496353..8573b2a87 100644 --- a/actions/unblock.php +++ b/actions/unblock.php @@ -116,10 +116,11 @@ class UnblockAction extends Action } } if ($action) { - common_redirect(common_local_url($action, $args)); + common_redirect(common_local_url($action, $args), 303); } else { common_redirect(common_local_url('subscriptions', - array('nickname' => $cur->nickname))); + array('nickname' => $cur->nickname)), + 303); } } } diff --git a/actions/unsubscribe.php b/actions/unsubscribe.php index b1e2b6425..7dcab04c0 100644 --- a/actions/unsubscribe.php +++ b/actions/unsubscribe.php @@ -77,7 +77,8 @@ class UnsubscribeAction extends Action $this->elementEnd('html'); } else { common_redirect(common_local_url('subscriptions', array('nickname' => - $user->nickname))); + $user->nickname)), + 303); } } } diff --git a/lib/openid.php b/lib/openid.php index f3769c6fc..3af7a39cf 100644 --- a/lib/openid.php +++ b/lib/openid.php @@ -171,7 +171,7 @@ function oid_authenticate($openid_url, $returnto, $immediate=false) } else if (Auth_OpenID::isFailure($redirect_url)) { return sprintf(_('Could not redirect to server: %s'), $redirect_url->message); } else { - common_redirect($redirect_url); + common_redirect($redirect_url, 303); } } else { // Generate form markup and render it. diff --git a/lib/settingsaction.php b/lib/settingsaction.php index 53c807c6f..db20c5804 100644 --- a/lib/settingsaction.php +++ b/lib/settingsaction.php @@ -78,9 +78,9 @@ class SettingsAction extends Action common_set_returnto($this->selfUrl()); $user = common_current_user(); if ($user->hasOpenID()) { - common_redirect(common_local_url('openidlogin')); + common_redirect(common_local_url('openidlogin'), 303); } else { - common_redirect(common_local_url('login')); + common_redirect(common_local_url('login'), 303); } } else if ($_SERVER['REQUEST_METHOD'] == 'POST') { $this->handlePost(); -- cgit v1.2.3-54-g00ecf