@ -59,10 +59,9 @@ elseif(OC_User::isLoggedIn()) {
else {
OC_Util::redirectToDefaultPage();
}
}
// For all others cases, we display the guest page :
else {
} else {
OC_App::loadApps();
$error = false;
@ -80,10 +79,9 @@ else {
else {
OC_User::unsetMagicInCookie();
}
}
// Someone wants to log in :
elseif(isset($_POST["user"]) & & isset($_POST['password']) ) {
} elseif(isset($_POST["user"]) and isset($_POST['password']) and isset($_SESSION['sectoken']) and isset($_POST['sectoken']) and ($_SESSION['sectoken']==$_POST['sectoken']) ) {
if(OC_User::login($_POST["user"], $_POST["password"])) {
if(!empty($_POST["remember_login"])){
if(defined("DEBUG") & & DEBUG) {
@ -100,9 +98,9 @@ else {
} else {
$error = true;
}
}
// The user is already authenticated using Apaches AuthType Basic... very usable in combination with LDAP
elseif(isset($_SERVER["PHP_AUTH_USER"]) & & isset($_SERVER["PHP_AUTH_PW"])){
} elseif(isset($_SERVER["PHP_AUTH_USER"]) & & isset($_SERVER["PHP_AUTH_PW"])){
if (OC_User::login($_SERVER["PHP_AUTH_USER"],$_SERVER["PHP_AUTH_PW"])) {
//OC_Log::write('core',"Logged in with HTTP Authentication",OC_Log::DEBUG);
OC_User::unsetMagicInCookie();
@ -111,5 +109,7 @@ else {
$error = true;
}
}
OC_Template::printGuestPage('', 'login', array('error' => $error, 'redirect' => isset($_REQUEST['redirect_url'])?$_REQUEST['redirect_url']:'' ));
$sectoken=rand(1000000,9999999);
$_SESSION['sectoken']=$sectoken;
OC_Template::printGuestPage('', 'login', array('error' => $error, 'sectoken' => $sectoken, 'redirect' => isset($_REQUEST['redirect_url'])?$_REQUEST['redirect_url']:'' ));
}