[geeklog-cvs] geeklog: More comments & minor code cleanup
geeklog-cvs at lists.geeklog.net
geeklog-cvs at lists.geeklog.net
Tue Dec 29 08:00:30 EST 2009
changeset 7543:624b8b9ce9e6
url: http://project.geeklog.net/cgi-bin/hgwebdir.cgi/geeklog/rev/624b8b9ce9e6
user: Dirk Haun <dirk at haun-online.de>
date: Sun Dec 20 18:41:38 2009 +0100
description:
More comments & minor code cleanup
diffstat:
public_html/users.php | 17 +++++++++++++----
1 files changed, 13 insertions(+), 4 deletions(-)
diffs (51 lines):
diff -r 31fb5b9f8065 -r 624b8b9ce9e6 public_html/users.php
--- a/public_html/users.php Sun Dec 20 18:29:31 2009 +0100
+++ b/public_html/users.php Sun Dec 20 18:41:38 2009 +0100
@@ -837,11 +837,18 @@
}
// don't return
- exit();
+ exit;
}
-function handle_expiredToken()
+/**
+* Re-send a request after successful re-authentication
+*
+* Re-creates a GET or POST request based on data passed along in a form. Used
+* in case of an expired security token so that the user doesn't lose changes.
+*
+*/
+function resend_request()
{
require_once 'HTTP/Request.php';
@@ -906,7 +913,7 @@
}
// don't return
- exit();
+ exit;
}
// MAIN
@@ -1100,6 +1107,8 @@
$display .= COM_siteFooter();
break;
+case 'tokenexpired':
+// deliberate fallthrough (see below)
default:
// prevent dictionary attacks on passwords
@@ -1210,7 +1219,7 @@
if ($status == USER_ACCOUNT_ACTIVE) { // logged in AOK.
if ($mode == 'tokenexpired') {
- handle_expiredToken(); // won't come back
+ resend_request(); // won't come back
}
DB_change($_TABLES['users'],'pwrequestid',"NULL",'uid',$uid);
$userdata = SESS_getUserDataFromId($uid);
More information about the geeklog-cvs
mailing list