Index: trunk/kernel/frontaction.php
===================================================================
diff -u -r534 -r537
--- trunk/kernel/frontaction.php (.../frontaction.php) (revision 534)
+++ trunk/kernel/frontaction.php (.../frontaction.php) (revision 537)
@@ -34,61 +34,54 @@
{
case "m_login":
// if($objSession->ValidSession()) $objSession->Logout();
- //echo $objSession->GetSessionKey()."
\n";
+ //echo $objSession->GetSessionKey()."
\n";
if ($objConfig->Get("CookieSessions") == 1 && $_COOKIE["CookiesTest"] != "1") {
$FormError["login"]["login_user"] = language("lu_cookies_error");
}
- else
- {
- $MissingCount = SetMissingDataErrors("login");
- if($MissingCount==2)
+ else
{
- $FormError["login"]["login_user"]= language("lu_ferror_loginboth");
- unset($FormError["login"]["login_password"]);
+ $MissingCount = SetMissingDataErrors("login");
+ if($MissingCount==2)
+ {
+ $FormError["login"]["login_user"]= language("lu_ferror_loginboth");
+ unset($FormError["login"]["login_password"]);
+ }
+
+ if($MissingCount==0)
+ {
+ if($_POST["login_user"]=="root")
+ {
+ $FormError["login"]["login_user"]= language("lu_access_denied");
+ }
+ else
+ {
+ if ($objSession->Login($_POST["login_user"], md5($_POST["login_password"])) == FALSE)
+ {
+ $FormError["login"]["login_password"] = language("lu_incorrect_login");
+ }
+ else
+ {
+ if( !headers_sent() && GetVar('usercookie') == 1 )
+ {
+ $c = $_POST["login_user"]."|";
+ $pw = $_POST["login_password"];
+ if(strlen($pw) < 31) $pw = md5($pw);
+ $c .= $pw;
+
+ setcookie("login",$c,time()+2592000);
+ }
+
+
+ // set new destination template if passed
+ $dest = GetVar('dest', true);
+ if(!$dest) $dest = GetVar('DestTemplate', true);
+ if($dest) $var_list['t'] = $dest;
+ //echo "DEST: $dest
";
+ }
+ }
+ }
}
-
- if($MissingCount==0)
- {
- if($_POST["login_user"]=="root")
- {
- $FormError["login"]["login_user"]= language("lu_access_denied");
- }
- else
- {
- $LoginCheck = $objSession->Login( $_POST["login_user"], md5($_POST["login_password"]) );
- if($LoginCheck === true)
- {
- if( !headers_sent() && GetVar('usercookie') == 1 )
- {
- $c = $_POST["login_user"]."|";
- $pw = $_POST["login_password"];
- if(strlen($pw) < 31) $pw = md5($pw);
- $c .= $pw;
- setcookie("login",$c,time()+2592000);
- }
-
- // set new destination template if passed
- $dest = GetVar('dest', true);
- if(!$dest) $dest = GetVar('DestTemplate', true);
- if($dest) $var_list['t'] = $dest;
- }
- else
- {
- switch($LoginCheck)
- {
- case -1: // user or/and pass wrong
- $FormError["login"]["login_password"] = language("lu_incorrect_login");
- break;
-
- case -2: // user ok, but has no permission
- $FormError["login"]["login_password"] = language("la_text_nopermissions");
- break;
- }
- }
- }
- }
- }
- break;
+ break;
case "m_forgotpw":
$MissingCount = SetMissingDataErrors("forgotpw");
@@ -111,7 +104,8 @@
}
if($found)
{
- $newpw = makepassword();
+ $newpw = makepassword();
+ $objSession->Set('password', $newpw);
$u->Set("Password",$newpw);
$u->Update();
$u->SendUserEventMail("USER.PSWD",$u->Get("PortalUserId"));