Alter #action of login block form [#462438]

Comment	File	Size	Author
#2	securepages-462438_2.patch	2.03 KB	pebosi
#1	securepages-462438.patch	2.01 KB	pebosi

Status	File	Size
new	securepages-462438.patch	2.01 KB

Comment #2

pebosi commented 14 May 2009 at 12:32

Status	File	Size
new	securepages-462438_2.patch	2.03 KB

updated patch to use "securepages_baseurl()"

Log in or register to post comments

Comment #3

pebosi commented 14 May 2009 at 12:41

Status:

Active

» Needs review

Log in or register to post comments

Comment #4

josepvalls commented 19 December 2009 at 11:14

Doesn't work for me, the #action is always the old relative action.
I even tried my own module and same happened. What am I doing wrong? Something in the configuration? Is there something overwritting my action? I had login toboggan but it's disabled now.

function tests_form_alter(&$form, $form_state, $form_id) {
drupal_set_message('alter','info');
   if($form_id == 'user_login_block' || $form_id == 'user_login') {
    $form['#action'] = 'https://www.mydomain.com/mydirectory' . $form['#action'];
    drupal_set_message('alter login','info');
   }
}

I can see my messages when the form show up.

Log in or register to post comments

Comment #5

sillygwailo

Toronto, ON

commented 5 October 2010 at 18:35

Status:

Needs review

» Needs work

Log in or register to post comments

Comment #6

grendzy commented 25 October 2010 at 20:38

Status:

Needs work

» Closed (works as designed)

IMHO, the best solution is to use http://drupal.org/project/securepages_prevent_hijack , which ensures passwords are sent over SSL. Securing the login form by itself has almost no value, because you're still vulnerable to session hijacking.

Log in or register to post comments

Alter #action of login block form

Comments

Comment #1

Comment #2

Comment #3

Comment #4

Comment #5

Comment #6

News items

Our community

Documentation

Drupal code base

Governance of community