use Friendica\Model\User;
use Friendica\Util\DateTimeFormat;
use Friendica\Util\Network;
+use Friendica\Util\Strings;
use LightOpenID;
require_once 'boot.php';
{
$a = self::getApp();
- if (x($_SESSION, 'theme')) {
+ if (!empty($_SESSION['theme'])) {
unset($_SESSION['theme']);
}
- if (x($_SESSION, 'mobile-theme')) {
+ if (!empty($_SESSION['mobile-theme'])) {
unset($_SESSION['mobile-theme']);
}
$a->internalRedirect();
}
- return self::form($_SESSION['return_path'], intval(Config::get('config', 'register_policy')) !== REGISTER_CLOSED);
+ return self::form(defaults($_SESSION, 'return_path', null), intval(Config::get('config', 'register_policy')) !== REGISTER_CLOSED);
}
public static function post()
self::openIdAuthentication($openid_url, !empty($_POST['remember']));
}
- if (x($_POST, 'auth-params') && $_POST['auth-params'] === 'login') {
+ if (!empty($_POST['auth-params']) && $_POST['auth-params'] === 'login') {
self::passwordAuthentication(
trim($_POST['username']),
trim($_POST['password']),
);
}
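Review bot: The rewritten guard on the `auth-params` line only proves that this one field is present. `$_POST['username']` and `$_POST['password']` are still indexed directly in the `passwordAuthentication()` call below it, so a login POST that omits either one raises an undefined-index notice and hands an empty value to the authentication code. Reading them the way this commit already reads `return_path`, e.g. `trim(defaults($_POST, 'username', ''))` and `trim(defaults($_POST, 'password', ''))`, avoids the notice. The `!empty(...) &&` half of the condition adds nothing beside the strict `=== 'login'` comparison except suppressing the same kind of notice. The argument list and the rest of `post()` are only partly visible in this hunk.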
} catch (Exception $e) {
- Logger::log('authenticate: failed login attempt: ' . notags($username) . ' from IP ' . $_SERVER['REMOTE_ADDR']);
+ Logger::log('authenticate: failed login attempt: ' . Strings::escapeTags($username) . ' from IP ' . $_SERVER['REMOTE_ADDR']);
info('Login failed. Please check your credentials.' . EOL);
$a->internalRedirect();
}
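Review bot: The failed-login message on the `Logger::log()` line still lets the submitted username shape the log record. `Strings::escapeTags()` is not shown here, but if it behaves like the `notags()` it replaces, it only rewrites angle brackets, so CR/LF and other control characters in `$username` reach the log unchanged and can forge extra entries in a line-oriented log. Stripping control characters before concatenation, e.g. `Strings::escapeTags(preg_replace('/[\x00-\x1F\x7F]/', '', $username))`, closes that gap. A short comment noting that `$username` is unauthenticated request input would also help. The `try` block this `catch` belongs to starts outside the hunk.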
$_SESSION['last_login_date'] = DateTimeFormat::utcNow();
Authentication::setAuthenticatedSessionForUser($record, true, true);
- if (x($_SESSION, 'return_path')) {
+ if (!empty($_SESSION['return_path'])) {
$return_path = $_SESSION['return_path'];
unset($_SESSION['return_path']);
} else {
}
}
- if (isset($_SESSION) && x($_SESSION, 'authenticated')) {
- if (x($_SESSION, 'visitor_id') && !x($_SESSION, 'uid')) {
+ if (!empty($_SESSION['authenticated'])) {
+ if (!empty($_SESSION['visitor_id']) && empty($_SESSION['uid'])) {
$contact = DBA::selectFirst('contact', [], ['id' => $_SESSION['visitor_id']]);
if (DBA::isResult($contact)) {
self::getApp()->contact = $contact;
}
}
- if (x($_SESSION, 'uid')) {
+ if (!empty($_SESSION['uid'])) {
// already logged in user returning
$check = Config::get('system', 'paranoia');
// extra paranoia - if the IP changed, log them out