Fix loginpage.php Loop

[def-WA2025]

What does this PR aim to accomplish?

Fix loginpage.php loop.

How does this PR accomplish the above?

Check if Please logout First! is displayed on loginpage.php

---

By submitting this pull request, I confirm the following:

1. I have read and understood the contributor's guide, as well as this entire template. I understand which branch to base my commits and Pull Requests against.
2. I have commented on my proposed changes within the code.
3. I have tested my changes.
4. I am willing to help maintain this change if there are issues with it later.
5. It is compatible with the GNU General Public License v3.0
6. I have squashed any insignificant commits. (git rebase)
7. I have checked that another pull request for this purpose does not exist.
8. I have considered and confirmed that this submission will be valuable to others.
9. I accept that this submission may not be used, and the pull request can be closed at the will of the maintainer.
10. I give this submission freely and claim no ownership to its content.
11. I have verified that my changes work correctly in both the new UI and the old/classic UI.

---

• I have read the above and my PR is ready for review. Check this box to confirm

Summary by Sourcery

Bug Fixes:

• Avoid repeated redirects to loginpage.php when the page shows a 'Please logout First!' state by redirecting back to the stored last page.

---

Summary by cubic

Fix the redirect loop on loginpage.php when AutoLogin is enabled by prefetching the page, detecting the “Please logout First!” state, and skipping redirects if already logged in. Bumps to 3.4.5 and updates release metadata in Update.json.

• Bug Fixes
  • Prefetch loginpage.php and set logined when “Please logout First!” is found.
  • Gate both the profile-null redirect and AutoLogin redirects with !logined to stop infinite loops.
  • Persist UserScript-LastPage before redirecting.

^{Written for commit e23fdd6. Summary will update on new commits.}

[sourcery-ai]

Reviewer's guide (collapsed on small PRs)

Reviewer's Guide

Introduces a guard against infinite redirects on the login page by tracking when the site is already in a 'logged-in but must log out first' state and short‑circuiting the AutoLogin redirection logic to return the user to their last page instead of re-opening loginpage.php.

Sequence diagram for AutoLogin redirect with logined loop guard

sequenceDiagram
    actor User
    participant Browser
    participant UserScript
    participant XMOJ_Server

    User->>Browser: Open protected_page
    Browser->>XMOJ_Server: GET protected_page
    XMOJ_Server-->>Browser: HTML with login_required_message
    Browser->>UserScript: Execute XMOJ.user.js

    UserScript->>Browser: Read body_a_1_innerText
    alt AutoLogin_enabled and login_required_message
        UserScript->>Browser: Store last_page in localStorage
        UserScript->>Browser: Redirect to loginpage_php
        Browser->>XMOJ_Server: GET loginpage_php
        XMOJ_Server-->>Browser: HTML with Please_logout_First_message
        Browser->>UserScript: Execute XMOJ.user.js on loginpage

        UserScript->>Browser: Read first_link_innerText
        UserScript->>UserScript: Set logined = (first_link_innerText == Please_logout_First_message)

        alt Profile_missing or login_required_on_other_pages
            alt logined is true
                UserScript->>Browser: Read last_page from localStorage
                UserScript->>Browser: Redirect back to last_page
            else logined is false
                UserScript->>Browser: Redirect to loginpage_php (no loop guard)
            end
        else Already_on_profile_page
            UserScript->>Browser: Do nothing
        end
    else AutoLogin_disabled or no_login_required_message
        UserScript->>Browser: Do nothing
    end

Loading

Flow diagram for AutoLogin logic with logined loop protection

flowchart TD
    A[Start page_load] --> B[Check UtilityEnabled AutoLogin]
    B -->|false| Z[End no_autologin]
    B -->|true| C[Read first_link_innerText]

    C --> D{first_link_is_please_login_then_continue}
    D -->|true| E[Set last_page = pathname + search in localStorage]
    E --> F[Set logined based on whether first_anchor_innerText equals Please_logout_First]
    F --> G{logined is true}
    G -->|true| H[Redirect to last_page_or_root]
    G -->|false| I[Redirect to loginpage_php]

    D -->|false| J[Check profile_element]
    J --> K{profile_element is null}
    K -->|true| L[Set logined based on whether first_anchor_innerText equals Please_logout_First]
    L --> M{logined is true}
    M -->|true| H
    M -->|false| N[Redirect to loginpage_php]

    K -->|false| O{profile_innerHTML is 登录 and pathname not login_pages}
    O -->|true| P[Set logined based on whether first_anchor_innerText equals Please_logout_First]
    P --> Q{logined is true}
    Q -->|true| H
    Q -->|false| R[Store last_page and redirect to loginpage_php]

    O -->|false| Z
    I --> Z
    N --> Z
    R --> Z
    H --> Z[End]

Loading

File-Level Changes

Change	Details	Files
Add a reusable flag to detect the 'Please logout First!' state and use it to bypass AutoLogin redirects when the user is already on the login/logout flow.	Introduce a top-level logined boolean computed from the first anchor element’s inner text equaling "Please logout First!". In the initial AutoLogin block that reacts to the '请登录后继续操作' message, conditionally redirect back to the stored last page instead of proceeding to loginpage.php when logined is true, otherwise continue to store the current path in UserScript-LastPage and redirect to loginpage.php. In the early check for absence of #profile, insert a logined guard that redirects back to the stored last page when already in the 'Please logout First!' state, otherwise redirect to loginpage.php as before. In the later AutoLogin logic inside main(), add the same logined check before storing UserScript-LastPage and redirecting to loginpage.php, preventing loops when the user is forced to log out first.	XMOJ.user.js

Possibly linked issues

• #unknown: PR adds checks and redirects back when already logged in, directly fixing the loginpage.php redirect loop issue.
• #: PR adds logged-in checks and redirects to stop the loginpage.php flashing loop described in the issue

---

Tips and commands

Interacting with Sourcery

• Trigger a new review: Comment @sourcery-ai review on the pull request.
• Continue discussions: Reply directly to Sourcery's review comments.
• Generate a GitHub issue from a review comment: Ask Sourcery to create an
  issue from a review comment by replying to it. You can also reply to a
  review comment with @sourcery-ai issue to create an issue from it.
• Generate a pull request title: Write @sourcery-ai anywhere in the pull
  request title to generate a title at any time. You can also comment
  @sourcery-ai title on the pull request to (re-)generate the title at any time.
• Generate a pull request summary: Write @sourcery-ai summary anywhere in
  the pull request body to generate a PR summary at any time exactly where you
  want it. You can also comment @sourcery-ai summary on the pull request to
  (re-)generate the summary at any time.
• Generate reviewer's guide: Comment @sourcery-ai guide on the pull
  request to (re-)generate the reviewer's guide at any time.
• Resolve all Sourcery comments: Comment @sourcery-ai resolve on the
  pull request to resolve all Sourcery comments. Useful if you've already
  addressed all the comments and don't want to see them anymore.
• Dismiss all Sourcery reviews: Comment @sourcery-ai dismiss on the pull
  request to dismiss all existing Sourcery reviews. Especially useful if you
  want to start fresh with a new review - don't forget to comment
  @sourcery-ai review to trigger a new review!

Customizing Your Experience

Access your dashboard to:

• Enable or disable review features such as the Sourcery-generated pull request
  summary, the reviewer's guide, and others.
• Change the review language.
• Add, remove or edit custom review instructions.
• Adjust other review settings.

Getting Help

• Contact our support team for questions or feedback.
• Visit our documentation for detailed guides and information.
• Keep in touch with the Sourcery team by following us on X/Twitter, LinkedIn or GitHub.

[cloudflare-workers-and-pages]

Deploying xmoj-script-dev-channel with    Cloudflare Pages

Latest commit:	e23fdd6
Status:	✅  Deploy successful!
Preview URL:	https://b510b6e1.xmoj-script-dev-channel.pages.dev
Branch Preview URL:	https://fix-loginpage-loop-nqpm.xmoj-script-dev-channel.pages.dev

View logs

[sourcery-ai]

Hey - I've found 1 issue, and left some high level feedback:

• The logined variable assumes document.querySelector('a') is non-null and that the first <a> always contains the "Please logout First!" text; consider adding a null check and using a more specific selector tied to the logout element to avoid runtime errors and brittle behavior.
• The redirect-back logic using localStorage.getItem("UserScript-LastPage") ?? "/" is duplicated in several places; extracting this into a small helper function would make the flow easier to maintain and less error-prone.
• The login-state checks mix English ("Please logout First!") and Chinese UI text ("请登录后继续操作"), which may diverge across locales or future UI changes; consider centralizing these string constants or using a more robust way to detect login state than matching literal innerText.

Prompt for AI Agents

Please address the comments from this code review:

## Overall Comments
- The `logined` variable assumes `document.querySelector('a')` is non-null and that the first `<a>` always contains the `"Please logout First!"` text; consider adding a null check and using a more specific selector tied to the logout element to avoid runtime errors and brittle behavior.
- The redirect-back logic using `localStorage.getItem("UserScript-LastPage") ?? "/"` is duplicated in several places; extracting this into a small helper function would make the flow easier to maintain and less error-prone.
- The login-state checks mix English (`"Please logout First!"`) and Chinese UI text (`"请登录后继续操作"`), which may diverge across locales or future UI changes; consider centralizing these string constants or using a more robust way to detect login state than matching literal innerText.

## Individual Comments

### Comment 1
<location path="XMOJ.user.js" line_range="914" />
<code_context>
 });

 //otherwise CurrentUsername might be undefined
+let logined = (document.querySelector('a').innerText == "Please logout First!");
 if (UtilityEnabled("AutoLogin") && document.querySelector("body > a:nth-child(1)") != null && document.querySelector("body > a:nth-child(1)").innerText == "请登录后继续操作") {
+    if (logined) location.href = (localStorage.getItem("UserScript-LastPage") == null ? "/" : localStorage.getItem("UserScript-LastPage"));
</code_context>
<issue_to_address>
**issue (bug_risk):** Guard against `document.querySelector('a')` returning null before accessing `.innerText`.

If the page has no `<a>` tags or the first anchor is added later, `document.querySelector('a')` will be `null` and this will throw. Add a null check, for example:

```js
const firstAnchor = document.querySelector('a');
const logined = !!firstAnchor && firstAnchor.innerText === 'Please logout First!';
```

This avoids a runtime error and keeps `logined` as a boolean.
</issue_to_address>

---

Sourcery is free for open source - if you like our reviews please consider sharing them ✨

• X
• Mastodon
• LinkedIn
• Facebook

_{Help me be more useful! Please click 👍 or 👎 on each comment and I'll use the feedback to improve your reviews.}

[cubic-dev-ai]

1 issue found across 3 files (changes from recent commits).

Prompt for AI agents (unresolved issues)

Check if these issues are valid — if so, understand the root cause of each and fix them. If appropriate, use sub-agents to investigate and fix each issue separately.


<file name="XMOJ.user.js">

<violation number="1" location="XMOJ.user.js:3">
P3: Do not manually bump `@version`; this repository's workflow updates script versions automatically.</violation>
</file>

_{Reply with feedback, questions, or to request a fix. Tag @cubic-dev-ai to re-run a review.}

[cubic-dev-ai]

P3: Do not manually bump @version; this repository's workflow updates script versions automatically.

Prompt for AI agents

Check if this issue is valid — if so, understand the root cause and fix it. At XMOJ.user.js, line 3:

<comment>Do not manually bump `@version`; this repository's workflow updates script versions automatically.</comment>

<file context>
@@ -1,6 +1,6 @@
 // ==UserScript==
 // @name         XMOJ
-// @version      3.4.3
+// @version      3.4.4
 // @description  XMOJ增强脚本
 // @author       @XMOJ-Script-dev, @langningchen and the community
</file context>

Suggested change

	// @version 3.4.4
	// @version 3.4.3

[cubic-dev-ai]

3 issues found across 1 file

Prompt for AI agents (unresolved issues)

Check if these issues are valid — if so, understand the root cause of each and fix them. If appropriate, use sub-agents to investigate and fix each issue separately.


<file name="XMOJ.user.js">

<violation number="1" location="XMOJ.user.js:914">
P1: Guard `document.querySelector('a')` before reading `.innerText` to avoid a startup crash on pages without anchor tags.</violation>

<violation number="2" location="XMOJ.user.js:914">
P1: Guard against `document.querySelector('a')` returning `null` before accessing `.innerText`. If the page has no `<a>` tags, this will throw a `TypeError` at runtime, potentially breaking the entire userscript.</violation>

<violation number="3" location="XMOJ.user.js:916">
P1: The new `logined` redirect is immediately overwritten by unconditional `location.href = loginpage.php` in the same blocks; add early exit/else so the back-redirect actually works.</violation>
</file>

_{Reply with feedback, questions, or to request a fix. Tag @cubic-dev-ai to re-run a review.}

[boomzero]

Looks good to me

[boomzero]

The version number needs to be bumped

[def-WA2025]

@boomzero Fixed.