From 42a4b445cf00c094dfa97b8679901588371188e6 Mon Sep 17 00:00:00 2001
From: Mischa POSLAWSKY <perl@shiar.org>
Date: Sun, 5 Jan 2020 20:56:37 +0100
Subject: [PATCH] login/post: require user to access

Redirect to login to avoid incomprehensible error message.

Reported-by: Heleen Terlouw <heleen.terlouw.2910@gmail.com>
---
 login/post/index.php | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/login/post/index.php b/login/post/index.php
index 9578d3c..747683f 100644
--- a/login/post/index.php
+++ b/login/post/index.php
@@ -1,5 +1,11 @@
 <?php
-if ($User->admin('user') and $username = @$_REQUEST['login']) {
+if (!$User) {
+	http_response_code(303);
+	$target = urlencode($_SERVER['REQUEST_URI']);
+	header("Location: /login?goto=$target");
+	exit;
+}
+elseif ($User->admin('user') and $username = @$_REQUEST['login']) {
 	try {
 		$user = new User("profile/$username");
 	}
-- 
2.30.0