summaryrefslogtreecommitdiffstats
path: root/admin/auth.php
diff options
context:
space:
mode:
authorThomas Lange <code@nerdmind.de>2017-09-02 15:07:35 +0200
committerThomas Lange <code@nerdmind.de>2017-09-02 15:07:35 +0200
commite12cea77d8dabaf8bcaa30a0efb6ad8be0a15260 (patch)
tree3e9418f6718fa6b5138e2dbb9175df80d81cb476 /admin/auth.php
parente0fc0f469303825d4155721e90bfa6f2062c836e (diff)
downloadblog-e12cea77d8dabaf8bcaa30a0efb6ad8be0a15260.tar.gz
blog-e12cea77d8dabaf8bcaa30a0efb6ad8be0a15260.tar.xz
blog-e12cea77d8dabaf8bcaa30a0efb6ad8be0a15260.zip
An unnecessary "else" block in admin/auth.php was removed and spelling mistakes and inconsistencies in some comments were corrected.
Diffstat (limited to 'admin/auth.php')
-rw-r--r--admin/auth.php37
1 files changed, 16 insertions, 21 deletions
diff --git a/admin/auth.php b/admin/auth.php
index 160516b..7232940 100644
--- a/admin/auth.php
+++ b/admin/auth.php
@@ -25,32 +25,27 @@ if(Application::isAuthenticated()) {
}
#===============================================================================
-# ELSE: Not authenticated
+# IF: Login action
#===============================================================================
-else {
- #===============================================================================
- # IF: Login action
- #===============================================================================
- if(HTTP::issetPOST(['token' => Application::getSecurityToken()], 'username', 'password')) {
- try {
- $User = User\Factory::buildByUsername(HTTP::POST('username'));
-
- if($User->comparePassword(HTTP::POST('password'))) {
- $_SESSION['auth'] = $User->getID();
- HTTP::redirect(Application::getAdminURL());
- }
-
- else {
- $messages[] = $Language->text('authentication_failure');
- }
- } catch(User\Exception $Exception){
- $fake_hash = '$2y$10$xpnwDU2HumOgGQhVpMOP9uataEF82YXizniFhSUhYjUiXF8aoDk0C';
- $fake_pass = HTTP::POST('password');
+if(HTTP::issetPOST(['token' => Application::getSecurityToken()], 'username', 'password')) {
+ try {
+ $User = User\Factory::buildByUsername(HTTP::POST('username'));
- password_verify($fake_pass, $fake_hash);
+ if($User->comparePassword(HTTP::POST('password'))) {
+ $_SESSION['auth'] = $User->getID();
+ HTTP::redirect(Application::getAdminURL());
+ }
+ else {
$messages[] = $Language->text('authentication_failure');
}
+ } catch(User\Exception $Exception){
+ $fake_hash = '$2y$10$xpnwDU2HumOgGQhVpMOP9uataEF82YXizniFhSUhYjUiXF8aoDk0C';
+ $fake_pass = HTTP::POST('password');
+
+ password_verify($fake_pass, $fake_hash);
+
+ $messages[] = $Language->text('authentication_failure');
}
}