encryptLogin should not trump showMessageOnLogin. Fixes bug #12245.

docs/changelog/7.x.x.txt

@@ -10,6 +10,7 @@
  - fixed #12246: Layout inherits mobileStyleTemplateId and mobileTemplateId from parent Layouts
  - fixed #12246: added extra_www_add_properties as properties fix-up hook in child for www_add
  - fixed #12231: Thingy reindex fails on upgrade
+ - fixed #12245: Encrypt Login and Display Message on Login conflict
 
 7.10.22
  - rfe   #12223: Add date type to content profiling (metadata)

lib/WebGUI/Auth.pm

@@ -32,6 +32,7 @@ use WebGUI::Workflow::Instance;
 use WebGUI::Shop::AddressBook;
 use WebGUI::Inbox;
 use WebGUI::Friends;
+use URI;
 
 # Profile field name for the number of times the showMessageOnLogin has been
 # seen.
@@ -894,12 +895,6 @@ sub login {
 	$u->karma($self->session->setting->get("karmaPerLogin"),"Login","Just for logging in.") if ($self->session->setting->get("useKarma"));
 	$self->_logLogin($uid,"success");
 
-	if ($self->session->setting->get('encryptLogin')) {
-		my $currentUrl = $self->session->url->page(undef,1);
-		$currentUrl =~ s/^https:/http:/;
-		$self->session->http->setRedirect($currentUrl);
-	}
-
         # Run on login
 	my $command = $self->session->config->get("runOnLogin");
 	if ($command ne "") {
@@ -927,6 +922,11 @@ sub login {
         $self->session->http->setRedirect($self->session->setting->get("redirectAfterLoginUrl"));
         $self->session->scratch->delete("redirectAfterLogin");
     }
+	elsif ($self->session->setting->get('encryptLogin')) {
+		my $currentUrl = $self->session->url->page(undef,1);
+		$currentUrl =~ s/^https:/http:/;
+		$self->session->http->setRedirect($currentUrl);
+	}
 
     # Get open version tag. This is needed if we want
     # to reclaim a version right after login (singlePerUser and siteWide mode)
@@ -1100,20 +1100,26 @@ sub showMessageOnLogin {
 
     # Add the link to continue
     my $session = $self->session;
-    $session->log->warn("returnUrl: >".$self->session->form->get( 'returnUrl' )."<");
-    $session->log->warn("redirectAfterLoginUrl: >".$self->session->form->get( 'returnUrl' )."<");
-    my $redirectUrl =  $self->session->form->get( 'returnUrl' )
-                    || $self->session->setting->get("redirectAfterLoginUrl")
-                    || $self->session->scratch->get( 'redirectAfterLogin' )
-                    || $self->session->url->getBackToSiteURL
+    my $redirectUrl =  $session->form->get( 'returnUrl' )
+                    || $session->setting->get("redirectAfterLoginUrl")
+                    || $session->scratch->get( 'redirectAfterLogin' )
+                    || $session->url->getBackToSiteURL
                     ;
 
+    if ($session->setting->get('encryptLogin') && ( ! $redirectUrl =~ /^http/)) {
+        ##A scheme-less URL has been supplied.  We need to make it an absolute one
+        ##with a non-encrypted scheme.  Otherwise the user will stay in SSL mode.
+        ##We assume that the user put the gateway URL into their URL.
+        my $uri = URI->new_abs($redirectUrl, $session->url->getSiteURL);
+        $uri->scheme('http');
+        $redirectUrl = $uri->as_string;
+    }
     $output     .= '<p><a href="' . $redirectUrl . '">' . $i18n->get( 'showMessageOnLogin return' ) 
                 .  '</a></p>'
                 ;
 
     # No matter what, we won't be redirecting after this
-    $self->session->scratch->delete( 'redirectAfterLogin' );
+    $session->scratch->delete( 'redirectAfterLogin' );
 
     return $output;
 }