From 6416b708d3d115a6d7529b6c388c796fcb651d55 Mon Sep 17 00:00:00 2001
From: Michael Hamann <michael@content-space.de>
Date: Wed, 20 Feb 2013 19:43:29 +0100
Subject: Fix handling of failed authentication loading

In the case of a failed authentication initialization, the
authentication setup was simply continued with an unset $auth object.
This restores the previous behavior (before merging #141) of simply
returning after unsetting $auth. Furthermore this re-introduces the
check if $auth is set before checking $auth and removes a useless
check if $auth is true (could never be false).
---
 inc/auth.php | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

(limited to 'inc/auth.php')

diff --git a/inc/auth.php b/inc/auth.php
index d82b8b5dd..92a56e163 100644
--- a/inc/auth.php
+++ b/inc/auth.php
@@ -54,16 +54,17 @@ function auth_setup() {
     	}
     }
 
-	if(!$auth){
+	if(!isset($auth) || !$auth){
         msg($lang['authtempfail'], -1);
         return false;
     }
 
-	if ($auth && $auth->success == false) {
+    if ($auth->success == false) {
 		// degrade to unauthenticated user
 	    unset($auth);
 	    auth_logoff();
 	    msg($lang['authtempfail'], -1);
+        return false;
 	}
 
     // do the login either by cookie or provided credentials XXX
-- 
cgit v1.2.3