We don't do automatic login when recaptcha is enabled, so add the login calls on successful recaptcha
This commit is contained in:
parent
42b3bb6a53
commit
1c2f2657d2
|
@ -49,14 +49,23 @@ if ( ('login' == $action) && isset($_REQUEST['username']) && ( ZM_AUTH_TYPE == '
|
||||||
// as it produces the same error as when you don't answer a recaptcha
|
// as it produces the same error as when you don't answer a recaptcha
|
||||||
if ( isset($responseData['error-codes']) && is_array($responseData['error-codes']) ) {
|
if ( isset($responseData['error-codes']) && is_array($responseData['error-codes']) ) {
|
||||||
if ( !in_array('invalid-input-secret', $responseData['error-codes']) ) {
|
if ( !in_array('invalid-input-secret', $responseData['error-codes']) ) {
|
||||||
Error('reCaptcha authentication failed');
|
ZM\Error('reCaptcha authentication failed. response was: ' . print_r($responseData['error-codes'],true));
|
||||||
unset($user); // unset should be ok here because we aren't in a function
|
unset($user); // unset should be ok here because we aren't in a function
|
||||||
return;
|
return;
|
||||||
} else {
|
} else {
|
||||||
Error('Invalid recaptcha secret detected');
|
ZM\Error('Invalid recaptcha secret detected');
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
} // end if success==false
|
} // end if success==false
|
||||||
|
if ( ! (empty($_REQUEST['username']) or empty($_REQUEST['password'])) ) {
|
||||||
|
$ret = validateUser($_REQUEST['username'], $_REQUEST['password']);
|
||||||
|
if ( !$ret[0] ) {
|
||||||
|
ZM\Error($ret[1]);
|
||||||
|
unset($user); // unset should be ok here because we aren't in a function
|
||||||
|
} else {
|
||||||
|
$user = $ret[0];
|
||||||
|
}
|
||||||
|
} # end if have username and password
|
||||||
} // end if using reCaptcha
|
} // end if using reCaptcha
|
||||||
|
|
||||||
// if captcha existed, it was passed
|
// if captcha existed, it was passed
|
||||||
|
|
Loading…
Reference in New Issue