The method was left at default/wasn't explicitly specified, so it was a
post form. Changing the method to 'get' resolves the problem.
On Wednesday, August 7, 2013 6:21:26 AM UTC-5, Anthony wrote:
>
> Only GET vars should be added to the _next parameter in the URL on a
> redirect to login. Does your form happen to be a GET form rather than a
> POST form?
>
> Anthony
>
> On Tuesday, August 6, 2013 10:21:06 PM UTC-4, Lamps902 wrote:
>>
>> I have a controller function which is protected by a standard
>> authentication decorator ("@auth.requires_login()"). The function presents
>> a page containing some forms (which contain a bunch of "INPUT( _type =
>> 'hidden', ...)" and one "INPUT(_type = 'image', ...)", which presents the
>> submission button).
>>
>> If a session terminates in a non-standard way (cookies deleted in
>> browser, "logout" is clicked and directed to a new tab, etc.), the page
>> with the forms is still present on screen, and if one of the forms is
>> clicked, the login prompt is presented. After the user logs in, the form is
>> processed as usual. However, if the user clicks on the form again, the
>> values submitted by the new form will be appended to the corresponding
>> values already present in request.vars, making a two-item list for each
>> var. That is, something like:
>>
>> request.vars.action = action1
>> request.vars.item = 24
>>
>> will turn into
>>
>> request.vars.action = action1
>> action1
>> request.vars.item = 24
>> 24
>>
>> Why are the new values appending to the old, instead of overwriting them?
>> What's the recommended way to deal with this situation? Thank you.
>>
>
--
---
You received this message because you are subscribed to the Google Groups
"web2py-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to web2py+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.
