We don't do automatic login when recaptcha is enabled, so add the login calls on successful recaptcha

This commit is contained in:
Isaac Connor 2020-02-04 16:41:19 -05:00
parent 42b3bb6a53
commit 1c2f2657d2
1 changed files with 11 additions and 2 deletions

View File

@ -49,14 +49,23 @@ if ( ('login' == $action) && isset($_REQUEST['username']) && ( ZM_AUTH_TYPE == '
// as it produces the same error as when you don't answer a recaptcha // as it produces the same error as when you don't answer a recaptcha
if ( isset($responseData['error-codes']) && is_array($responseData['error-codes']) ) { if ( isset($responseData['error-codes']) && is_array($responseData['error-codes']) ) {
if ( !in_array('invalid-input-secret', $responseData['error-codes']) ) { if ( !in_array('invalid-input-secret', $responseData['error-codes']) ) {
Error('reCaptcha authentication failed'); ZM\Error('reCaptcha authentication failed. response was: ' . print_r($responseData['error-codes'],true));
unset($user); // unset should be ok here because we aren't in a function unset($user); // unset should be ok here because we aren't in a function
return; return;
} else { } else {
Error('Invalid recaptcha secret detected'); ZM\Error('Invalid recaptcha secret detected');
} }
} }
} // end if success==false } // end if success==false
if ( ! (empty($_REQUEST['username']) or empty($_REQUEST['password'])) ) {
$ret = validateUser($_REQUEST['username'], $_REQUEST['password']);
if ( !$ret[0] ) {
ZM\Error($ret[1]);
unset($user); // unset should be ok here because we aren't in a function
} else {
$user = $ret[0];
}
} # end if have username and password
} // end if using reCaptcha } // end if using reCaptcha
// if captcha existed, it was passed // if captcha existed, it was passed