X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;ds=inline;f=actions%2Flogin.php;h=59c6b4874bc24464d6fd9fbc15f05128ad4da8f2;hb=50b32227d1c4bb6fa5c6f81077ddd4a21981e639;hp=9fcf740ebfb78ee29429e22d4a581d1121edd316;hpb=5a313fef6e8b8ff8480d917f9fc49d41aee6e486;p=quix0rs-gnu-social.git

diff --git a/actions/login.php b/actions/login.php
index 9fcf740ebf..59c6b4874b 100644
--- a/actions/login.php
+++ b/actions/login.php
@@ -2,7 +2,7 @@
 /**
  * Laconica, the distributed open-source microblogging tool
  *
- * List of replies
+ * Login form
  *
  * PHP version 5
  *
@@ -32,7 +32,7 @@ if (!defined('LACONICA')) {
 }
 
 /**
- * List of replies
+ * Login form
  *
  * @category Personal
  * @package  Laconica
@@ -52,12 +52,12 @@ class LoginAction extends Action
     /**
      * Is this a read-only action?
      *
-     * @return boolean true
+     * @return boolean false
      */
 
     function isReadOnly()
     {
-        return true;
+        return false;
     }
 
     /**
@@ -78,6 +78,7 @@ class LoginAction extends Action
         } else if ($_SERVER['REQUEST_METHOD'] == 'POST') {
             $this->checkLogin();
         } else {
+            common_ensure_session();
             $this->showForm();
         }
     }
@@ -96,7 +97,7 @@ class LoginAction extends Action
     {
         // XXX: login throttle
 
-        // CSRF protection - token set in common_notice_form()
+        // CSRF protection - token set in NoticeForm
         $token = $this->trimmed('token');
         if (!$token || $token != common_session_token()) {
             $this->clientError(_('There was a problem with your session token. '.
@@ -106,29 +107,10 @@ class LoginAction extends Action
 
         $nickname = common_canonical_nickname($this->trimmed('nickname'));
         $password = $this->arg('password');
-        if (common_check_user($nickname, $password)) {
-            // success!
-            if (!common_set_user($nickname)) {
-                $this->serverError(_('Error setting user.'));
-                return;
-            }
-            common_real_login(true);
-            if ($this->boolean('rememberme')) {
-                common_debug('Adding rememberme cookie for ' . $nickname);
-                common_rememberme();
-            }
-            // success!
-            $url = common_get_returnto();
-            if ($url) {
-                // We don't have to return to it again
-                common_set_returnto(null);
-            } else {
-                $url = common_local_url('all',
-                                        array('nickname' =>
-                                              $nickname));
-            }
-            common_redirect($url);
-        } else {
+
+        $user = common_check_user($nickname, $password);
+
+        if (!$user) {
             $this->showForm(_('Incorrect username or password.'));
             return;
         }
@@ -142,11 +124,11 @@ class LoginAction extends Action
         common_real_login(true);
 
         if ($this->boolean('rememberme')) {
-            common_debug('Adding rememberme cookie for ' . $nickname);
             common_rememberme($user);
         }
-        // success!
+
         $url = common_get_returnto();
+
         if ($url) {
             // We don't have to return to it again
             common_set_returnto(null);
@@ -155,7 +137,8 @@ class LoginAction extends Action
                                     array('nickname' =>
                                           $nickname));
         }
-        common_redirect($url);
+
+        common_redirect($url, 303);
     }
 
     /**
@@ -223,7 +206,7 @@ class LoginAction extends Action
                                            'action' => common_local_url('login')));
         $this->elementStart('fieldset');
         $this->element('legend', null, _('Login to site'));
-        $this->elementStart('ul', 'form_datas');
+        $this->elementStart('ul', 'form_data');
         $this->elementStart('li');
         $this->input('nickname', _('Nickname'));
         $this->elementEnd('li');