X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=actions%2Flogin.php;h=8ea3c800b70f72d1915dd497e0d4fe76d14bf728;hb=72460091ddc6763cb8d62f9d865390ea4973dd44;hp=a2f853e3a43301d53205a27de1adc54bc0a8ddd0;hpb=1b9fd1fe5311b3af9e22e64fac37e5b9fe93c4a3;p=quix0rs-gnu-social.git

diff --git a/actions/login.php b/actions/login.php
index a2f853e3a4..8ea3c800b7 100644
--- a/actions/login.php
+++ b/actions/login.php
@@ -103,6 +103,15 @@ class LoginAction extends Action
         // CSRF protection - token set in NoticeForm
         $token = $this->trimmed('token');
         if (!$token || $token != common_session_token()) {
+	    $st = common_session_token();
+	    if (empty($token)) {
+		common_log(LOG_WARNING, 'No token provided by client.');
+	    } else if (empty($st)) {
+		common_log(LOG_WARNING, 'No session token stored.');
+	    } else {
+		common_log(LOG_WARNING, 'Token = ' . $token . ' and session token = ' . $st);
+	    }
+
             $this->clientError(_('There was a problem with your session token. '.
                                  'Try again, please.'));
             return;
@@ -132,15 +141,10 @@ class LoginAction extends Action
 
         $url = common_get_returnto();
 
-        if (common_config('ssl', 'sometimes') && // mixed environment
-            common_config('site', 'server') != common_config('site', 'sslserver')) {
-            $this->redirectFromSSL($user, $url, $this->boolean('rememberme'));
-            return;
-        }
-
         if ($url) {
             // We don't have to return to it again
             common_set_returnto(null);
+	    $url = common_inject_session($url);
         } else {
             $url = common_local_url('all',
                                     array('nickname' =>
@@ -282,31 +286,4 @@ class LoginAction extends Action
         $nav = new LoginGroupNav($this);
         $nav->show();
     }
-
-    function redirectFromSSL($user, $returnto, $rememberme)
-    {
-        try {
-            $login_token = Login_token::makeNew($user);
-        } catch (Exception $e) {
-            $this->serverError($e->getMessage());
-            return;
-        }
-
-        $params = array();
-
-        if (!empty($returnto)) {
-            $params['returnto'] = $returnto;
-        }
-
-        if (!empty($rememberme)) {
-            $params['rememberme'] = $rememberme;
-        }
-
-        $target = common_local_url('otp',
-                                   array('user_id' => $login_token->user_id,
-                                         'token' => $login_token->token),
-                                   $params);
-
-        common_redirect($target, 303);
-    }
 }