X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=include%2Fauth.php;h=cba6a67a7fd7ec5124b919540bc3b6bf118013cc;hb=70c4ab68754941749a5e89434d6db19f6bba1e16;hp=835616a829551c44fabca06fbd4b4868b7c34b39;hpb=cea7ca1df4fd8065c38a4f43a0f13ba89e8b94e2;p=friendica.git

diff --git a/include/auth.php b/include/auth.php
old mode 100755
new mode 100644
index 835616a829..cba6a67a7f
--- a/include/auth.php
+++ b/include/auth.php
@@ -11,6 +11,13 @@ function nuke_session() {
 	unset($_SESSION['cid']);
 	unset($_SESSION['theme']);
 	unset($_SESSION['page_flags']);
+	unset($_SESSION['submanage']);
+	unset($_SESSION['my_url']);
+	unset($_SESSION['my_address']);
+	unset($_SESSION['addr']);
+	unset($_SESSION['return_url']);
+	unset($_SESSION['theme']);
+	unset($_SESSION['page_flags']);
 }
 
 
@@ -46,6 +53,8 @@ if((isset($_SESSION)) && (x($_SESSION,'authenticated')) && ((! (x($_POST,'auth-p
 		$check = get_config('system','paranoia');
 		// extra paranoia - if the IP changed, log them out
 		if($check && ($_SESSION['addr'] != $_SERVER['REMOTE_ADDR'])) {
+			logger('Session address changed. Paranoid setting in effect, blocking session. ' 
+				. $_SESSION['addr'] . ' != ' . $_SERVER['REMOTE_ADDR']);
 			nuke_session();
 			goaway(z_root());
 		}
@@ -94,13 +103,17 @@ else {
 
 			// Otherwise it's probably an openid.
 
+                        try {
 			require_once('library/openid.php');
 			$openid = new LightOpenID;
 			$openid->identity = $openid_url;
 			$_SESSION['openid'] = $openid_url;
 			$a = get_app();
 			$openid->returnUrl = $a->get_baseurl(true) . '/openid'; 
-			goaway($openid->authUrl());
+                        goaway($openid->authUrl());
+                        } catch (Exception $e) {
+                            notice( t('We encountered a problem while logging in with the OpenID you provided. Please check the correct spelling of the ID.').'<br /><br >'. t('The error message was:').' '.$e->getMessage());
+                        }
 			// NOTREACHED
 		}
 	}