X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=include%2Fauth.php;h=cba6a67a7fd7ec5124b919540bc3b6bf118013cc;hb=70c4ab68754941749a5e89434d6db19f6bba1e16;hp=835616a829551c44fabca06fbd4b4868b7c34b39;hpb=cea7ca1df4fd8065c38a4f43a0f13ba89e8b94e2;p=friendica.git
diff --git a/include/auth.php b/include/auth.php
old mode 100755
new mode 100644
index 835616a829..cba6a67a7f
--- a/include/auth.php
+++ b/include/auth.php
@@ -11,6 +11,13 @@ function nuke_session() {
unset($_SESSION['cid']);
unset($_SESSION['theme']);
unset($_SESSION['page_flags']);
+ unset($_SESSION['submanage']);
+ unset($_SESSION['my_url']);
+ unset($_SESSION['my_address']);
+ unset($_SESSION['addr']);
+ unset($_SESSION['return_url']);
+ unset($_SESSION['theme']);
+ unset($_SESSION['page_flags']);
}
@@ -46,6 +53,8 @@ if((isset($_SESSION)) && (x($_SESSION,'authenticated')) && ((! (x($_POST,'auth-p
$check = get_config('system','paranoia');
// extra paranoia - if the IP changed, log them out
if($check && ($_SESSION['addr'] != $_SERVER['REMOTE_ADDR'])) {
+ logger('Session address changed. Paranoid setting in effect, blocking session. '
+ . $_SESSION['addr'] . ' != ' . $_SERVER['REMOTE_ADDR']);
nuke_session();
goaway(z_root());
}
@@ -94,13 +103,17 @@ else {
// Otherwise it's probably an openid.
+ try {
require_once('library/openid.php');
$openid = new LightOpenID;
$openid->identity = $openid_url;
$_SESSION['openid'] = $openid_url;
$a = get_app();
$openid->returnUrl = $a->get_baseurl(true) . '/openid';
- goaway($openid->authUrl());
+ goaway($openid->authUrl());
+ } catch (Exception $e) {
+ notice( t('We encountered a problem while logging in with the OpenID you provided. Please check the correct spelling of the ID.').'
'. t('The error message was:').' '.$e->getMessage());
+ }
// NOTREACHED
}
}