diff options
| author | Mike Macgirvin <mike@macgirvin.com> | 2010-09-26 17:24:20 -0700 |
|---|---|---|
| committer | Mike Macgirvin <mike@macgirvin.com> | 2010-09-26 17:24:20 -0700 |
| commit | 34eedb503acad59d649f96d3250b40cc1c84047c (patch) | |
| tree | 95f0eb71d4db446743f5043ce8009fcc1566d9fa /include/auth.php | |
| parent | 1105cdb0654b6f9bb03e686b351da1cdaa8d8f4f (diff) | |
| download | volse-hubzilla-34eedb503acad59d649f96d3250b40cc1c84047c.tar.gz volse-hubzilla-34eedb503acad59d649f96d3250b40cc1c84047c.tar.bz2 volse-hubzilla-34eedb503acad59d649f96d3250b40cc1c84047c.zip | |
stronger type checking on comparisons
Diffstat (limited to 'include/auth.php')
| -rw-r--r-- | include/auth.php | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/include/auth.php b/include/auth.php index b856379f1..6a50362d6 100644 --- a/include/auth.php +++ b/include/auth.php @@ -2,8 +2,8 @@ // login/logout -if((x($_SESSION,'authenticated')) && (! ($_POST['auth-params'] == 'login'))) { - if($_POST['auth-params'] == 'logout' || $a->module == "logout") { +if((x($_SESSION,'authenticated')) && (! ($_POST['auth-params'] === 'login'))) { + if($_POST['auth-params'] === 'logout' || $a->module === 'logout') { unset($_SESSION['authenticated']); unset($_SESSION['uid']); unset($_SESSION['visitor_id']); @@ -46,7 +46,7 @@ else { $encrypted = hash('whirlpool',trim($_POST['password'])); - if((x($_POST,'auth-params')) && $_POST['auth-params'] == 'login') { + if((x($_POST,'auth-params')) && $_POST['auth-params'] === 'login') { $r = q("SELECT * FROM `user` WHERE `email` = '%s' AND `password` = '%s' AND `blocked` = 0 AND `verified` = 1 LIMIT 1", dbesc(trim($_POST['login-name'])), |