]> git.mxchange.org Git - quix0rs-gnu-social.git/blobdiff - lib/settingsaction.php
projects / quix0rs-gnu-social.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Remove CSRF protection from username/password login and from OpenID login.
[quix0rs-gnu-social.git] / lib / settingsaction.php
diff --git a/lib/settingsaction.php b/lib/settingsaction.php
index aba196db92a9c4e793d443ed23235cae9734cee0..c3669868d4d3cb177401e1f1747b7f7c06cf6c0d 100644 (file)
--- a/lib/settingsaction.php
+++ b/lib/settingsaction.php
@@ -27,7 +27,7 @@
  * @link      http://status.net/
  */
 
-if (!defined('STATUSNET')) {
+if (!defined('STATUSNET') && !defined('LACONICA')) {
     exit(1);
 }
 
@@ -77,9 +77,7 @@ class SettingsAction extends CurrentUserDesignAction
             // _all_ our settings are important
             common_set_returnto($this->selfUrl());
             $user = common_current_user();
-            if ($user->hasOpenID()) {
-                common_redirect(common_local_url('openidlogin'), 303);
-            } else {
+            if (Event::handle('RedirectToLogin', array($this, $user))) {
                 common_redirect(common_local_url('login'), 303);
             }
         } else if ($_SERVER['REQUEST_METHOD'] == 'POST') {
This is my personal clone from the wonderful software GNUSocial. I may fix or break things here, so use it on your own risk. :-)