diff options
-rw-r--r-- | core/templates/login.php | 6 | ||||
-rwxr-xr-x | index.php | 5 | ||||
-rwxr-xr-x | lib/util.php | 17 |
3 files changed, 18 insertions, 10 deletions
diff --git a/core/templates/login.php b/core/templates/login.php index b35c4a33be8..2c9b766aa4d 100644 --- a/core/templates/login.php +++ b/core/templates/login.php @@ -2,16 +2,16 @@ <form action="index.php" method="post"> <fieldset> <?php if(!empty($_['redirect'])) { echo '<input type="hidden" name="redirect_url" value="'.$_['redirect'].'" />'; } ?> - <?php if($_['error']): ?> + <?php if($_['display_lostpassword']): ?> <a href="./core/lostpassword/"><?php echo $l->t('Lost your password?'); ?></a> <?php endif; ?> <p class="infield"> <label for="user" class="infield"><?php echo $l->t( 'Username' ); ?></label> - <input type="text" name="user" id="user" value="<?php echo !empty($_POST['user'])?OC_Util::sanitizeHTML($_POST['user'],ENT_COMPAT,'utf-8').'"':'" autofocus'; ?> autocomplete="on" required /> + <input type="text" name="user" id="user" value="<?php echo $_['username']; ?>"<?php echo $_['user_autofocus']?' autofocus':''; ?> autocomplete="on" required /> </p> <p class="infield"> <label for="password" class="infield"><?php echo $l->t( 'Password' ); ?></label> - <input type="password" name="password" id="password" value="" required <?php echo !empty($_POST['user'])?'autofocus':''; ?> /> + <input type="password" name="password" id="password" value="" required<?php echo $_['user_autofocus']?'':' autofocus'; ?> /> <input type="hidden" name="sectoken" id="sectoken" value="<?php echo($_['sectoken']); ?>" /> </p> <input type="checkbox" name="remember_login" value="1" id="remember_login" /><label for="remember_login"><?php echo $l->t('remember'); ?></label> diff --git a/index.php b/index.php index 4ffd013aa86..86d268bf285 100755 --- a/index.php +++ b/index.php @@ -43,9 +43,6 @@ if (!OC::handleRequest()) { $error = true; } if(!array_key_exists('sectoken', $_SESSION) || (array_key_exists('sectoken', $_SESSION) && is_null(OC::$REQUESTEDFILE)) || substr(OC::$REQUESTEDFILE, -3) == 'php'){ - $sectoken=rand(1000000,9999999); - $_SESSION['sectoken']=$sectoken; - $redirect_url = (isset($_REQUEST['redirect_url'])) ? OC_Util::sanitizeHTML($_REQUEST['redirect_url']) : $_SERVER['REQUEST_URI']; - OC_Template::printGuestPage('', 'login', array('error' => $error, 'sectoken' => $sectoken, 'redirect' => $redirect_url)); + OC_Util::displayLoginPage($error); } } diff --git a/lib/util.php b/lib/util.php index 4c5d416f9f2..732acbb9205 100755 --- a/lib/util.php +++ b/lib/util.php @@ -271,15 +271,26 @@ class OC_Util { return $errors; } - public static function displayLoginPage($parameters = array()){ - if(isset($_COOKIE["username"])){ - $parameters["username"] = $_COOKIE["username"]; + public static function displayLoginPage($display_lostpassword) { + $parameters = array(); + $parameters['display_lostpassword'] = $display_lostpassword; + if (!empty($_POST['user'])) { + $parameters["username"] = + OC_Util::sanitizeHTML($_POST['user']).'"'; + $parameters['user_autofocus'] = false; } else { $parameters["username"] = ''; + $parameters['user_autofocus'] = true; } $sectoken=rand(1000000,9999999); $_SESSION['sectoken']=$sectoken; $parameters["sectoken"] = $sectoken; + if (isset($_REQUEST['redirect_url'])) { + $redirect_url = OC_Util::sanitizeHTML($_REQUEST['redirect_url']); + } else { + $redirect_url = $_SERVER['REQUEST_URI']; + } + $parameters['redirect_url'] = $redirect_url; OC_Template::printGuestPage("", "login", $parameters); } |