login: exclude cookie data from user name default

Apparently included in $_REQUEST in Xenat's PHP environment.

diff --git a/login.inc.php b/login.inc.php
index 2809478cc212300ae95e7edf5c713e2eedab0c9b..4d05dedc5fa670d4a20b253df4322a86d334bd6e 100644 (file)
--- a/login.inc.php
+++ b/login.inc.php
@@ -6,8 +6,8 @@ if (isset($message)) {
 }
 ?>
 <form action="" method="post">
-       <input id="login" name="login" placeholder="Huisnummer" value="<?php
-               if (isset($_REQUEST['login'])) print htmlspecialchars($_REQUEST['login']);
+       <input id="login" name="login" placeholder="Gebruikersnaam" value="<?php
+               if (isset($_POST['login'])) print htmlspecialchars($_REQUEST['login']);
        ?>" />
        <input id="pass" name="pass" type="password" value="" placeholder="Wachtwoord" />
        <input type="submit" value="Log in" />