X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=actions%2Flogin.php;h=aa25a0cec5fb3a179524100c5a0af15dd25290a2;hb=4272da4e9e2ab9c99b4b9897f04c92cd7987cb8b;hp=003d6613f7425f6c954341aa01fca3d35e2cbc13;hpb=834c21b2aaf78da1081416d05098286e9bf17c2a;p=quix0rs-gnu-social.git

diff --git a/actions/login.php b/actions/login.php
index 003d6613f7..aa25a0cec5 100644
--- a/actions/login.php
+++ b/actions/login.php
@@ -21,6 +21,10 @@ if (!defined('LACONICA')) { exit(1); }
 
 class LoginAction extends Action {
 
+	function is_readonly() {
+		return true;
+	}
+
 	function handle($args) {
 		parent::handle($args);
 		if (common_is_real_login()) {
@@ -109,10 +113,21 @@ class LoginAction extends Action {
 	}
 
 	function get_instructions() {
-		return _('Login with your username and password. ' .
-				  'Don\'t have a username yet? ' .
-				  '[Register](%%action.register%%) a new account, or ' .
-				  'try [OpenID](%%action.openidlogin%%). ');
+		if (common_logged_in() &&
+			!common_is_real_login() &&
+			common_get_returnto())
+		{
+			# rememberme logins have to reauthenticate before
+			# changing any profile settings (cookie-stealing protection)
+			return _('For security reasons, please re-enter your ' .
+					 'user name and password ' .
+					 'before changing your settings.');
+		} else {
+			return _('Login with your username and password. ' .
+					 'Don\'t have a username yet? ' .
+					 '[Register](%%action.register%%) a new account, or ' .
+					 'try [OpenID](%%action.openidlogin%%). ');
+		}
 	}
 
 	function show_top($error=NULL) {