X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;ds=sidebyside;f=src%2FModule%2FLogin.php;h=82d70498281fc6547a6e7a79520c6bca96793c8b;hb=458981f75cff2427976c9abc787eadf8e9e6267f;hp=751d4d4cce5a5dfc037908b54e922e98801424c8;hpb=7d5494dd67f58e1fc63c6571946e26290092321c;p=friendica.git

diff --git a/src/Module/Login.php b/src/Module/Login.php
index 751d4d4cce..82d7049828 100644
--- a/src/Module/Login.php
+++ b/src/Module/Login.php
@@ -17,6 +17,7 @@ use Friendica\Database\DBA;
 use Friendica\Model\User;
 use Friendica\Util\DateTimeFormat;
 use Friendica\Util\Network;
+use Friendica\Util\Strings;
 use LightOpenID;
 
 require_once 'boot.php';
@@ -33,11 +34,11 @@ class Login extends BaseModule
 	{
 		$a = self::getApp();
 
-		if (x($_SESSION, 'theme')) {
+		if (!empty($_SESSION['theme'])) {
 			unset($_SESSION['theme']);
 		}
 
-		if (x($_SESSION, 'mobile-theme')) {
+		if (!empty($_SESSION['mobile-theme'])) {
 			unset($_SESSION['mobile-theme']);
 		}
 
@@ -45,7 +46,7 @@ class Login extends BaseModule
 			$a->internalRedirect();
 		}
 
-		return self::form($_SESSION['return_path'], intval(Config::get('config', 'register_policy')) !== REGISTER_CLOSED);
+		return self::form(defaults($_SESSION, 'return_path', null), intval(Config::get('config', 'register_policy')) !== REGISTER_CLOSED);
 	}
 
 	public static function post()
@@ -67,7 +68,7 @@ class Login extends BaseModule
 			self::openIdAuthentication($openid_url, !empty($_POST['remember']));
 		}
 
-		if (x($_POST, 'auth-params') && $_POST['auth-params'] === 'login') {
+		if (!empty($_POST['auth-params']) && $_POST['auth-params'] === 'login') {
 			self::passwordAuthentication(
 				trim($_POST['username']),
 				trim($_POST['password']),
@@ -148,7 +149,7 @@ class Login extends BaseModule
 				);
 			}
 		} catch (Exception $e) {
-			Logger::log('authenticate: failed login attempt: ' . notags($username) . ' from IP ' . $_SERVER['REMOTE_ADDR']);
+			Logger::log('authenticate: failed login attempt: ' . Strings::escapeTags($username) . ' from IP ' . $_SERVER['REMOTE_ADDR']);
 			info('Login failed. Please check your credentials.' . EOL);
 			$a->internalRedirect();
 		}
@@ -162,7 +163,7 @@ class Login extends BaseModule
 		$_SESSION['last_login_date'] = DateTimeFormat::utcNow();
 		Authentication::setAuthenticatedSessionForUser($record, true, true);
 
-		if (x($_SESSION, 'return_path')) {
+		if (!empty($_SESSION['return_path'])) {
 			$return_path = $_SESSION['return_path'];
 			unset($_SESSION['return_path']);
 		} else {
@@ -220,15 +221,15 @@ class Login extends BaseModule
 			}
 		}
 
-		if (isset($_SESSION) && x($_SESSION, 'authenticated')) {
-			if (x($_SESSION, 'visitor_id') && !x($_SESSION, 'uid')) {
+		if (!empty($_SESSION['authenticated'])) {
+			if (!empty($_SESSION['visitor_id']) && empty($_SESSION['uid'])) {
 				$contact = DBA::selectFirst('contact', [], ['id' => $_SESSION['visitor_id']]);
 				if (DBA::isResult($contact)) {
 					self::getApp()->contact = $contact;
 				}
 			}
 
-			if (x($_SESSION, 'uid')) {
+			if (!empty($_SESSION['uid'])) {
 				// already logged in user returning
 				$check = Config::get('system', 'paranoia');
 				// extra paranoia - if the IP changed, log them out