Mercurial > hg > fapweb
diff usrlogin.php @ 306:6610311ac48e
Improve user login handling.
author | Matti Hamalainen <ccr@tnsp.org> |
---|---|
date | Tue, 26 Nov 2013 19:51:11 +0200 |
parents | 7181350076c1 |
children | 2f46b6254ff2 |
line wrap: on
line diff
--- a/usrlogin.php Tue Nov 26 06:43:43 2013 +0200 +++ b/usrlogin.php Tue Nov 26 19:51:11 2013 +0200 @@ -24,7 +24,9 @@ // Authenticate // $gotoPage = stGetRequestItem("goto", FALSE); +$errorPage = stGetRequestItem("error", FALSE); $password = stGetRequestItem("key", FALSE); +$error = 0; $sql = stPrepareSQL("SELECT id FROM votekeys WHERE key=%s", $password); if (($votekey_id = stFetchSQLColumn($sql)) !== false) @@ -32,7 +34,7 @@ if (!stSessionStart(SESS_USER, $password, "userTimeout")) { error_log("User session AUTH LOGIN failed (session setup)"); - $gotoPage = "vote?error=2"; + $error = 2; } else stSetSessionItem("mode", stGetRequestItem("mode", "error")); @@ -40,8 +42,11 @@ else { error_log("User session AUTH LOGIN failed (password)"); - $gotoPage = "vote?error=1"; + $error = 1; } -header("Location: ".($gotoPage !== FALSE ? $gotoPage : stGetSetting("defaultPage"))); +$nextPage = ($error != 0) ? $errorPage : $gotoPage; + +header("Location: ".($nextPage !== FALSE ? $nextPage : stGetSetting("defaultPage")) + ($error ? "?error=".$error : ""); ?> \ No newline at end of file