From 18da65cb74262623719f291920f03ad6ae4a277c Mon Sep 17 00:00:00 2001 From: root Date: Tue, 27 Oct 2015 10:58:11 +0100 Subject: Login via E-Mail works now. --- action.php | 17 ++++++++++------- 1 file changed, 10 insertions(+), 7 deletions(-) (limited to 'action.php') diff --git a/action.php b/action.php index d291fe1..22b4cc4 100644 --- a/action.php +++ b/action.php @@ -27,7 +27,7 @@ switch($_GET["task"]){ } else if ( $user->login($_POST["name"], $_POST["password"]) ){ $goto = preg_replace("/;/", "&", $_GET["goto"]); header($_SERVER["SERVER_PROTOCOL"] . " 302 Moved"); - header("Location: ".DOMAIN."?page=" . $goto); + header("Location: ".DOMAIN."?page=" . $goto . "&_new=1"); ob_clean(); exit; } else { @@ -385,17 +385,20 @@ JG Adlershof"; } break; case("genHash"): + /* if ( $_SERVER['REQUEST_METHOD'] != 'POST' ){ header($_SERVER["SERVER_PROTOCOL"] . " 405 Method Not Allowed"); ob_clean(); echo "Method not allowed"; exit; } + */ if ( ! $user->setHash($_REQUEST["name"], $c) ) { - print_login("password"); + print_login("hash"); } else { - print_verify_by_email(); + print_verify_by_email(htmlentities($_REQUEST["name"])); } + break; case("verify"): @@ -406,16 +409,16 @@ JG Adlershof"; exit; } //lredirect( "login"); - if ( ! isset($_REQUEST["name"]) || $_REQUEST["name"] == "" || ! isset($_REQUEST["hash"]) || $_REQUEST["hash"] == "" ){ + if ( ! isset($_REQUEST["email"]) || $_REQUEST["email"] == "" || ! isset($_REQUEST["hash"]) || $_REQUEST["hash"] == "" ){ print_login("missing"); - } else if ( $user->loginByEmail($_REQUEST["name"], $_REQUEST["hash"], $c) ){ + } else if ( $user->loginByEmail($_REQUEST["email"], $_REQUEST["hash"], $c) ){ $goto = preg_replace("/;/", "&", $_GET["goto"]); header($_SERVER["SERVER_PROTOCOL"] . " 302 Moved"); - header("Location: ".DOMAIN."?page=" . $goto); + header("Location: ".DOMAIN."?page=" . $goto . "&_new=1"); ob_clean(); exit; } else { - print_login("password"); + print_login("hash"); } break; -- cgit v1.2.3