X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=actions%2Fopenidlogin.php;h=1a4372d73e76722dfe5f60d30b220b6ba191b3f0;hb=5466f6a6d0950331a4cb54e09b44ea4524751fb4;hp=ec5361c8b4f661e8627939febd24743be80fcffa;hpb=8a65c5175c3b734d4c53d6a3c3af51c5a645dff2;p=quix0rs-gnu-social.git

diff --git a/actions/openidlogin.php b/actions/openidlogin.php
index ec5361c8b4..1a4372d73e 100644
--- a/actions/openidlogin.php
+++ b/actions/openidlogin.php
@@ -26,7 +26,7 @@ class OpenidloginAction extends Action
     function handle($args)
     {
         parent::handle($args);
-        if (common_logged_in()) {
+        if (common_is_real_login()) {
             $this->clientError(_('Already logged in.'));
         } else if ($_SERVER['REQUEST_METHOD'] == 'POST') {
             $openid_url = $this->trimmed('openid_url');
@@ -59,7 +59,16 @@ class OpenidloginAction extends Action
 
     function getInstructions()
     {
-        return _('Login with an [OpenID](%%doc.openid%%) account.');
+        if (common_logged_in() && !common_is_real_login() &&
+            common_get_returnto()) {
+            // rememberme logins have to reauthenticate before
+            // changing any profile settings (cookie-stealing protection)
+            return _('For security reasons, please re-login with your ' .
+                     '[OpenID](%%doc.openid%%) ' .
+                     'before changing your settings.');
+        } else {
+            return _('Login with an [OpenID](%%doc.openid%%) account.');
+        }
     }
 
     function showPageNotice()
@@ -90,16 +99,27 @@ class OpenidloginAction extends Action
     function showContent() {
         $formaction = common_local_url('openidlogin');
         $this->elementStart('form', array('method' => 'post',
-                                           'id' => 'openidlogin',
+                                           'id' => 'form_openid_login',
+                                           'class' => 'form_settings',
                                            'action' => $formaction));
+        $this->elementStart('fieldset');
+        $this->element('legend', null, _('OpenID login'));
         $this->hidden('token', common_session_token());
+
+        $this->elementStart('ul', 'form_data');
+        $this->elementStart('li');
         $this->input('openid_url', _('OpenID URL'),
                      $this->openid_url,
                      _('Your OpenID URL'));
+        $this->elementEnd('li');
+        $this->elementStart('li', array('id' => 'settings_rememberme'));
         $this->checkbox('rememberme', _('Remember me'), false,
                         _('Automatically login in the future; ' .
                            'not for shared computers!'));
+        $this->elementEnd('li');
+        $this->elementEnd('ul');
         $this->submit('submit', _('Login'));
+        $this->elementEnd('fieldset');
         $this->elementEnd('form');
     }