{
// XXX: login throttle
- // CSRF protection - token set in common_notice_form()
+ // CSRF protection - token set in NoticeForm
$token = $this->trimmed('token');
if (!$token || $token != common_session_token()) {
$this->clientError(_('There was a problem with your session token. '.
$nickname = common_canonical_nickname($this->trimmed('nickname'));
$password = $this->arg('password');
- if (common_check_user($nickname, $password)) {
- // success!
- if (!common_set_user($nickname)) {
- $this->serverError(_('Error setting user.'));
- return;
- }
- common_real_login(true);
- if ($this->boolean('rememberme')) {
- common_debug('Adding rememberme cookie for ' . $nickname);
- common_rememberme();
- }
- // success!
- $url = common_get_returnto();
- if ($url) {
- // We don't have to return to it again
- common_set_returnto(null);
- } else {
- $url = common_local_url('all',
- array('nickname' =>
- $nickname));
- }
- common_redirect($url);
- } else {
+
+ if (!common_check_user($nickname, $password)) {
$this->showForm(_('Incorrect username or password.'));
return;
}
// success!
- if (!common_set_user($user)) {
+ if (!common_set_user($nickname)) {
$this->serverError(_('Error setting user.'));
return;
}
common_real_login(true);
if ($this->boolean('rememberme')) {
- common_debug('Adding rememberme cookie for ' . $nickname);
common_rememberme($user);
}
- // success!
+
$url = common_get_returnto();
+
if ($url) {
// We don't have to return to it again
common_set_returnto(null);
array('nickname' =>
$nickname));
}
+
common_redirect($url);
}
projects / quix0rs-gnu-social.git / commitdiff