diff options
Diffstat (limited to 'frontend/pages/login.php')
-rw-r--r-- | frontend/pages/login.php | 20 |
1 files changed, 9 insertions, 11 deletions
diff --git a/frontend/pages/login.php b/frontend/pages/login.php index 13eeb0a..953d2c4 100644 --- a/frontend/pages/login.php +++ b/frontend/pages/login.php @@ -1,12 +1,11 @@ <?php -function init_login() { - global $S, $request, $conf; +function init_login(&$S) { if (isset($S['user'])) { - // Should we let you continue to $request['go'] instead? + // Should we let you continue to $_REQUEST['go'] instead? return 'welcome'; } else { - if (isset($request['email']) && isset($request['password'])) { - $r=$S['pdo']->query('SELECT * FROM `users` WHERE `email`='.$S['pdo']->quote($request['email']).' AND `passhash`="'.sha1($request['password']).'"'); + if (isset($_REQUEST['email']) && isset($_REQUEST['password'])) { + $r=query('SELECT * FROM `users` WHERE `email`='.$S['pdo']->quote($_REQUEST['email']).' AND `passhash`="'.sha1($_REQUEST['password']).'"'); if ($r->rowCount()) { $S['user']=new sql_user($r->fetch(PDO::FETCH_ASSOC)); $S['login.result']=sql_session::create(); @@ -17,10 +16,9 @@ function init_login() { return array('title' => 'Login'); } } -function body_login() { - global $request, $S; +function body_login(&$S) { if (substr($S['request'], 0, 5) != 'login') { - $request['go']=$S['request']; + $_REQUEST['go']=$S['request']; echo print_warning('Please sign in to access this page.'); } if (isset($S['login.result'])) { @@ -28,15 +26,15 @@ function body_login() { echo print_error('An error occurred while signing you in.'); } elseif ($S['login.result']) { echo print_success('Welcome, '.$S['user']->name); - echo '<a href="'.url(isset($request['go'])?$request['go']:'').'">Continue</a>'; + echo '<a href="'.url(isset($_REQUEST['go'])?$_REQUEST['go']:'').'">Continue</a>'; die; } else { echo print_error('Your email and password combination was not recognized.'); } } echo '<h3>Login</h3><form action="'.url('login').'" method="post">'; - if (isset($request['go'])) { - echo '<input type="hidden" name="go" value="'.htmlentities($request['go']).'" />'; + if (isset($_REQUEST['go'])) { + echo '<input type="hidden" name="go" value="'.htmlentities($_REQUEST['go']).'" />'; } echo 'Email: <input name="email" /><br/>Password: <input type="password" name="password" /><br/><input type="submit" value="Submit" /></form>'; } |