Fixed encrypt login behaviour

docs/changelog/7.x.x.txt

@@ -22,6 +22,9 @@
    original patch.  Although I couldn't use the code in wG 7, it inspired the RFE.
    Also added the feature requested in the thread to allow the files to be
    emailed as attachments.
+ - Fixed behaviour of the Encrypt Login setting, in such way that only the form 
+   post containing the login credentials is sent over https. After authentication
+   the user is redirected to http. (Martin Kamerbeek / Procolix)
 
 7.2.3
  - fix: minor bug with new template vars in Auth::createAccount

lib/WebGUI/Auth.pm

@@ -605,6 +605,12 @@ sub login {
    	$self->session->user({user=>$u});
 	$u->karma($self->session->setting->get("karmaPerLogin"),"Login","Just for logging in.") if ($self->session->setting->get("useKarma"));
 	$self->_logLogin($uid,"success");
+
+	if ($self->session->setting->get('encryptLogin')) {
+		my $currentUrl = $self->session->url->page(undef,1);
+		$currentUrl =~ s/^https:/http:/;
+		$self->session->http->setRedirect($currentUrl);
+	}
 	if ($self->session->scratch->get("redirectAfterLogin")) {
 		$self->session->http->setRedirect($self->session->scratch->get("redirectAfterLogin"));
 	  	$self->session->scratch->delete("redirectAfterLogin");