-rw-r--r--admin/auth.php37
-rw-r--r--core/application.php2
-rw-r--r--core/namespace/Application.php2
3 files changed, 18 insertions, 23 deletions
diff --git a/admin/auth.php b/admin/auth.php
index 160516b..7232940 100644
--- a/admin/auth.php
+++ b/admin/auth.php
@@ -25,32 +25,27 @@ if(Application::isAuthenticated()) {
}
#===============================================================================
-# ELSE: Not authenticated
+# IF: Login action
#===============================================================================
-else {
- #===============================================================================
- # IF: Login action
- #===============================================================================
- if(HTTP::issetPOST(['token' => Application::getSecurityToken()], 'username', 'password')) {
- try {
- $User = User\Factory::buildByUsername(HTTP::POST('username'));
-
- if($User->comparePassword(HTTP::POST('password'))) {
- $_SESSION['auth'] = $User->getID();
- HTTP::redirect(Application::getAdminURL());
- }
-
- else {
- $messages[] = $Language->text('authentication_failure');
- }
- } catch(User\Exception $Exception){
- $fake_hash = '$2y$10$xpnwDU2HumOgGQhVpMOP9uataEF82YXizniFhSUhYjUiXF8aoDk0C';
- $fake_pass = HTTP::POST('password');
+if(HTTP::issetPOST(['token' => Application::getSecurityToken()], 'username', 'password')) {
+ try {
+ $User = User\Factory::buildByUsername(HTTP::POST('username'));
- password_verify($fake_pass, $fake_hash);
+ if($User->comparePassword(HTTP::POST('password'))) {
+ $_SESSION['auth'] = $User->getID();
+ HTTP::redirect(Application::getAdminURL());
+ }
+ else {
$messages[] = $Language->text('authentication_failure');
}
+ } catch(User\Exception $Exception){
+ $fake_hash = '$2y$10$xpnwDU2HumOgGQhVpMOP9uataEF82YXizniFhSUhYjUiXF8aoDk0C';
+ $fake_pass = HTTP::POST('password');
+
+ password_verify($fake_pass, $fake_hash);
+
+ $messages[] = $Language->text('authentication_failure');
}
}
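Review bot: The successful-login path at `$_SESSION['auth'] = $User->getID();` writes the user id into the existing session without issuing a new session id, so an id fixed before login would remain valid as an authenticated one. Unless the session bootstrap or `HTTP::redirect()` already rotates it (neither is visible in this hunk), add `session_regenerate_id(true);` immediately before the assignment. Separately, with the `else` dropped this block now also runs for requests that are already authenticated, which is only equivalent to the old code if the `if(Application::isAuthenticated())` branch above, whose body lies outside the hunk, ends the request. The dummy `password_verify()` in the catch branch equalises timing only while the hard-coded `$2y$10$` cost matches the cost used for real password hashes, which deserves a comment next to `$fake_hash`.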
diff --git a/core/application.php b/core/application.php
index 72f854a..7ba66fe 100644
--- a/core/application.php
+++ b/core/application.php
@@ -86,7 +86,7 @@ catch(PDOException $Exception) {
}
#===============================================================================
-# Check if "304 Not Modified" and ETag header should be send
+# Check if "304 Not Modified" and ETag header should be sent
#===============================================================================
if(Application::get('CORE.SEND_304') === TRUE AND !defined('ADMINISTRATION')) {
diff --git a/core/namespace/Application.php b/core/namespace/Application.php
index 4a6414a..8c3be12 100644
--- a/core/namespace/Application.php
+++ b/core/namespace/Application.php
@@ -34,7 +34,7 @@ class Application {
}
#===============================================================================
- # Return singleton PDO database instance
+ # Return singleton Database instance
#===============================================================================
public static function getDatabase($force = FALSE): Database {
if(!self::$Database instanceof Database OR $force === TRUE) {