]> andersk Git - sql-web.git/blobdiff - global.act.php
andersk / sql-web.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Fix CSRF vulnerabilities
[sql-web.git] / global.act.php
diff --git a/global.act.php b/global.act.php
index 1a6a98d0e59db6284920bbc4ccd9970388c5d45c..ee34748a31ab6385433813a80b9ed737c6935eb8 100644 (file)
--- a/global.act.php
+++ b/global.act.php
@@ -1,4 +1,7 @@
 <?php
+/*
+       (c) 2005 Joe Presbrey
+*/
 
 require_once('mitsql.cfg.php');
 require_once('mitsql.lib.php');
@@ -35,24 +38,26 @@ if (isOnline()) {
 
                /*$LoginSSL = sess('LoginSSL');
                if (!is_a($LoginSSL, 'Login')) { $LoginSSL = new Login($SSLUsername); }*/
-               $LoginSSL = new Login($SSLUsername);
+               $LoginSSL = new Login(getUsernameID($SSLUsername));
                $LoginSSL->update($SSLCred['Name'],$SSLCred['Email']);
 
                if (!isLoggedIn() && !$LoginSSL->exists()) {
                        if (!empty($SSLName))
                                addUser($SSLCred);
-                       $LoginSSL->refresh();
+                       $LoginSSL = new Login(getUsernameID($SSLUsername));
                }
        } else {
                unset($_SESSION['LoginSSL']);
        }
 
+       /*
        if (isPost() || isset($i_refresh)) {
                if (!empty($UserId)) {
                        checkQuotas($UserId);
                }
-               isset($i_refresh) && redirect('main');
+               isset($i_refresh) && redirect('main?r');
        }
+       */
 
 } // isOnline()
 
Unnamed repository; edit this file 'description' to name the repository.
This page took 0.052491 seconds and 4 git commands to generate.