From f112c2fa2c881f6f75d207243b979cd6ab9077a2 Mon Sep 17 00:00:00 2001 From: Andreas Gohr Date: Tue, 9 Jan 2007 22:31:55 +0100 Subject: Check cookie auth data silently darcs-hash:20070109213155-7ad00-9594bbf5c0730221b46f31bb40f31997a09ab4b4.gz --- inc/auth.php | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) (limited to 'inc') diff --git a/inc/auth.php b/inc/auth.php index 35c2e48d3..9c0225e4b 100644 --- a/inc/auth.php +++ b/inc/auth.php @@ -107,9 +107,10 @@ * @param string $user Username * @param string $pass Cleartext Password * @param bool $sticky Cookie should not expire + * @param bool $silent Don't show error on bad auth * @return bool true on successful auth */ -function auth_login($user,$pass,$sticky=false){ +function auth_login($user,$pass,$sticky=false,$silent=false){ global $USERINFO; global $conf; global $lang; @@ -137,7 +138,7 @@ function auth_login($user,$pass,$sticky=false){ return true; }else{ //invalid credentials - log off - msg($lang['badlogin'],-1); + if(!$silent) msg($lang['badlogin'],-1); auth_logoff(); return false; } @@ -147,7 +148,6 @@ function auth_login($user,$pass,$sticky=false){ list($user,$sticky,$pass) = split('\|',$cookie,3); // get session info $session = $_SESSION[DOKU_COOKIE]['auth']; - if($user && $pass){ // we got a cookie - see if we can trust it if(isset($session) && @@ -159,9 +159,9 @@ function auth_login($user,$pass,$sticky=false){ $USERINFO = $session['info']; //FIXME move all references to session return true; } - // no we don't trust it yet - recheck pass + // no we don't trust it yet - recheck pass but silent $pass = PMA_blowfish_decrypt($pass,auth_cookiesalt()); - return auth_login($user,$pass,$sticky); + return auth_login($user,$pass,$sticky,true); } } //just to be sure -- cgit v1.2.3