git.shiar.nl / minimedit.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 3a4f1ae)
login/post: require user to access
authorMischa POSLAWSKY <perl@shiar.org>
Sun, 5 Jan 2020 19:56:37 +0000 (20:56 +0100)
committerMischa POSLAWSKY <perl@shiar.org>
Sun, 5 Jan 2020 19:56:37 +0000 (20:56 +0100)
Redirect to login to avoid incomprehensible error message.

Reported-by: Heleen Terlouw <heleen.terlouw.2910@gmail.com>
login/post/index.php patch | blob | history

diff --git a/login/post/index.php b/login/post/index.php
index 9578d3cc01d8ba41c175ac18ac0e8f2f5c24bb71..747683f08e0d388f1df0f4578bac6a5e6efc24ab 100644 (file)
--- a/login/post/index.php
+++ b/login/post/index.php
@@ -1,5 +1,11 @@
 <?php
-if ($User->admin('user') and $username = @$_REQUEST['login']) {
+if (!$User) {
+       http_response_code(303);
+       $target = urlencode($_SERVER['REQUEST_URI']);
+       header("Location: /login?goto=$target");
+       exit;
+}
+elseif ($User->admin('user') and $username = @$_REQUEST['login']) {
        try {
                $user = new User("profile/$username");
        }
MinimEdit - databaseless cms with only a bit of php