]> andersk Git - sql-web.git/blobdiff - login.php
andersk / sql-web.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Fix CSRF vulnerabilities
[sql-web.git] / login.php
diff --git a/login.php b/login.php
index 5e2d3109e2086ac8683780e11cb7a7665d93165a..32a4461b6db6726b133e3e93ec66888d85c2d1d8 100644 (file)
--- a/login.php
+++ b/login.php
@@ -1,4 +1,7 @@
 <?php
+/*
+       (c) 2005 Joe Presbrey
+*/
 
 require_once('mitsql.cfg.php');
 require_once('mitsql.lib.php');
@@ -18,16 +21,16 @@ if (isPost() && empty($err)) {
        }
        
        if ($Login->exists() && !$Login->isEnabled()) {
-               $err[] = 'Account not active. <a href="signup">Did you signup yet?</a>.';
+               $err[] = 'Account not active.';
        } elseif (!$Login->exists()) {
                $err[] = 'Nonexistant account or invalid password.';
        } elseif (!$Login->canLogin()) {
-               $err[] = 'That account is no longer valid. Please contact the staff.';
+               $err[] = 'That account is no longer valid. Please contact the staff (sql@mit.edu).';
        }
 
        if (empty($err)) {
                sess('UserId', $Login->getUserId());
-               redirect('main');
+               redirect('main?refresh');
        }
 
 }
Unnamed repository; edit this file 'description' to name the repository.
This page took 0.031559 seconds and 4 git commands to generate.