perdedora/leftypol
1
0
Fork 0
forked from leftypol/leftypol
Code Pull requests Activity

auth.php: disallow unencrypted logins by default

Browse source
This commit is contained in:
Zankaria 2024-04-30 11:31:06 +02:00
parent 003152095a
commit aa99d10f1a
5 changed files with 32 additions and 5 deletions
Download patch file Download diff file Expand all files Collapse all files

9
inc/mod/pages.php
View file

@ -4,8 +4,11 @@
* Copyright (c) 2010-2013 Tinyboard Development Group
*/
use Vichan\Functions\Net;
defined('TINYBOARD') or exit;
function mod_page($title, $template, $args, $subtitle = false) {
global $config, $mod;
@ -35,9 +38,11 @@ function clone_wrapped_with_exist_check($clonefn, $src, $dest) {
function mod_login($redirect = false) {
global $config;
$args = array();
$args = [];
if (isset($_POST['login'])) {
if ($config['cookies']['secure_login_only'] && !Net\is_connection_secure()) {
$args['error'] = $config['error']['insecure'];
} elseif (isset($_POST['login'])) {
// Check if inputs are set and not empty
if (!isset($_POST['username'], $_POST['password']) || $_POST['username'] == '' || $_POST['password'] == '') {
$args['error'] = $config['error']['invalid'];