Commit a4afbcb4e6518b7b94bd0c1ed7d296f97b9c4cc3
1 parent
2c36e776
Be slightly stronger in checkPassword - it has to return exactly true
for authentication to pass. git-svn-id: https://kt-dms.svn.sourceforge.net/svnroot/kt-dms/trunk@4317 c91229c3-7414-0410-bfa2-8a42b809f60b
Showing
1 changed file
with
4 additions
and
4 deletions
presentation/login.php
| @@ -114,13 +114,13 @@ class LoginPageDispatcher extends KTDispatcher { | @@ -114,13 +114,13 @@ class LoginPageDispatcher extends KTDispatcher { | ||
| 114 | } | 114 | } |
| 115 | $authenticated = KTAuthenticationUtil::checkPassword($oUser, $password); | 115 | $authenticated = KTAuthenticationUtil::checkPassword($oUser, $password); |
| 116 | 116 | ||
| 117 | - if ($authenticated === false) { | ||
| 118 | - $this->simpleRedirectToMain('Login failed. Please check your username and password, and try again.', $url, $params); | 117 | + if (PEAR::isError($authenticated)) { |
| 118 | + $this->simpleRedirectToMain('Authentication failure. Please try again.', $url, $params); | ||
| 119 | exit(0); | 119 | exit(0); |
| 120 | } | 120 | } |
| 121 | 121 | ||
| 122 | - if (PEAR::isError($authenticated)) { | ||
| 123 | - $this->simpleRedirectToMain('Authentication failure. Please try again.', $url, $params); | 122 | + if ($authenticated !== true) { |
| 123 | + $this->simpleRedirectToMain('Login failed. Please check your username and password, and try again.', $url, $params); | ||
| 124 | exit(0); | 124 | exit(0); |
| 125 | } | 125 | } |
| 126 | 126 |