X-Git-Url: http://wagnertech.de/gitweb/gitweb.cgi/mfinanz.git/blobdiff_plain/a3339fc75fd7c2fd1328e5444dcde255e4034f95..540c0b5e9a38158e6f7a6efacd20b2477efad7ac:/SL/Controller/Base.pm

diff --git a/SL/Controller/Base.pm b/SL/Controller/Base.pm
index 29289ff96..f99b1e722 100644
--- a/SL/Controller/Base.pm
+++ b/SL/Controller/Base.pm
@@ -21,11 +21,20 @@ sub url_for {
 
   my %params      = ref($_[0]) eq 'HASH' ? %{ $_[0] } : @_;
   my $controller  = delete($params{controller}) || $self->_controller_name;
-  my $action      = delete($params{action})     || 'dispatch';
-  $params{action} = "${controller}/${action}";
+  my $action      = $params{action}             || 'dispatch';
+
+  my $script;
+  if ($controller =~ m/\.pl$/) {
+    # Old-style controller
+    $script = $controller;
+  } else {
+    $params{action} = "${controller}/${action}";
+    $script         = "controller.pl";
+  }
+
   my $query       = join '&', map { uri_encode($_->[0]) . '=' . uri_encode($_->[1]) } @{ flatten(\%params) };
 
-  return "controller.pl?${query}";
+  return "${script}?${query}";
 }
 
 sub redirect_to {
@@ -172,6 +181,10 @@ sub get_auth_level {
   return 'user';
 }
 
+sub keep_auth_vars_in_form {
+  return 0;
+}
+
 #
 # private functions -- for use in Base only
 #
@@ -517,6 +530,13 @@ C<user> (authentication as a normal user suffices) with a possible
 future value C<none> (which would require no authentication but is not
 yet implemented).
 
+=item C<keep_auth_vars_in_form>
+
+May be overridden by a controller. If falsish (the default) all form
+variables whose name starts with C<{AUTH}> are removed before the
+request is routed. Only controllers that handle login requests
+themselves should return trueish for this function.
+
 =back
 
 =head2 PRIVATE FUNCTIONS