A lot of code cleanup and code sanitation done.
This commit is contained in:
@@ -1,7 +1,7 @@
|
||||
<?php
|
||||
session_start();
|
||||
|
||||
include_once $_SERVER['DOCUMENT_ROOT'] . '/login/php/authFunctions.php';
|
||||
require_once "{$_SERVER['DOCUMENT_ROOT']}/login/php/authFunctions.php";
|
||||
|
||||
if (checkLoginAttempts() > 3) {
|
||||
header('Location: /login/');
|
||||
@@ -70,15 +70,13 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
|
||||
session_regenerate_id(true); # create session to store some data
|
||||
$_SESSION['mfa'] = ['user_uuid' => $user['user_uuid'], 'user_secret' => $user['user_two_factor_secret']];
|
||||
header('Location: /login/');
|
||||
exit;
|
||||
} else {
|
||||
# No mfa2 is setup
|
||||
# No mfa2 is set up
|
||||
|
||||
loginUser($user['user_uuid']);
|
||||
header('Location: /');
|
||||
exit;
|
||||
}
|
||||
|
||||
exit;
|
||||
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user