diff options
author | Thomas Lange <code@nerdmind.de> | 2017-09-02 15:07:35 +0200 |
---|---|---|
committer | Thomas Lange <code@nerdmind.de> | 2017-09-02 15:07:35 +0200 |
commit | e12cea77d8dabaf8bcaa30a0efb6ad8be0a15260 (patch) | |
tree | 3e9418f6718fa6b5138e2dbb9175df80d81cb476 /admin | |
parent | e0fc0f469303825d4155721e90bfa6f2062c836e (diff) | |
download | blog-e12cea77d8dabaf8bcaa30a0efb6ad8be0a15260.tar.gz blog-e12cea77d8dabaf8bcaa30a0efb6ad8be0a15260.tar.xz blog-e12cea77d8dabaf8bcaa30a0efb6ad8be0a15260.zip |
An unnecessary "else" block in admin/auth.php was removed and spelling mistakes and inconsistencies in some comments were corrected.
Diffstat (limited to 'admin')
-rw-r--r-- | admin/auth.php | 37 |
1 files changed, 16 insertions, 21 deletions
diff --git a/admin/auth.php b/admin/auth.php index 160516b..7232940 100644 --- a/admin/auth.php +++ b/admin/auth.php @@ -25,32 +25,27 @@ if(Application::isAuthenticated()) { } #=============================================================================== -# ELSE: Not authenticated +# IF: Login action #=============================================================================== -else { - #=============================================================================== - # IF: Login action - #=============================================================================== - if(HTTP::issetPOST(['token' => Application::getSecurityToken()], 'username', 'password')) { - try { - $User = User\Factory::buildByUsername(HTTP::POST('username')); - - if($User->comparePassword(HTTP::POST('password'))) { - $_SESSION['auth'] = $User->getID(); - HTTP::redirect(Application::getAdminURL()); - } - - else { - $messages[] = $Language->text('authentication_failure'); - } - } catch(User\Exception $Exception){ - $fake_hash = '$2y$10$xpnwDU2HumOgGQhVpMOP9uataEF82YXizniFhSUhYjUiXF8aoDk0C'; - $fake_pass = HTTP::POST('password'); +if(HTTP::issetPOST(['token' => Application::getSecurityToken()], 'username', 'password')) { + try { + $User = User\Factory::buildByUsername(HTTP::POST('username')); - password_verify($fake_pass, $fake_hash); + if($User->comparePassword(HTTP::POST('password'))) { + $_SESSION['auth'] = $User->getID(); + HTTP::redirect(Application::getAdminURL()); + } + else { $messages[] = $Language->text('authentication_failure'); } + } catch(User\Exception $Exception){ + $fake_hash = '$2y$10$xpnwDU2HumOgGQhVpMOP9uataEF82YXizniFhSUhYjUiXF8aoDk0C'; + $fake_pass = HTTP::POST('password'); + + password_verify($fake_pass, $fake_hash); + + $messages[] = $Language->text('authentication_failure'); } } |