Merge branch 'master' into storageareas

2018-07-12 15:05:35 -04:00 · 2018-07-12 15:05:35 -04:00 · cb079ce9f3
parent 05f0338219 0d75586fac
commit cb079ce9f3
2 changed files with 6 additions and 6 deletions
--- a/web/includes/actions.php
+++ b/web/includes/actions.php
@ -114,23 +114,23 @@ if ( $action == 'login' && isset($_REQUEST['username']) && ( ZM_AUTH_TYPE == 're
      // as it produces the same error as when you don't answer a recaptcha
      if (isset($responseData['error-codes']) && is_array($responseData['error-codes'])) {
        if (!in_array('invalid-input-secret',$responseData['error-codes'])) {	
-          Error ('reCaptcha authentication failed');
+          Error('reCaptcha authentication failed');
          userLogout();
          $view='login';
          $refreshParent = true;
+          return;
        } else {
          //Let them login but show an error
          echo '<script type="text/javascript">alert("'.translate('RecaptchaWarning').'"); </script>';
-          Error ('Invalid recaptcha secret detected');
+          Error('Invalid recaptcha secret detected');
        }
      }
    } // end if success==false
-
  } // end if using reCaptcha

-  $username = validStr( $_REQUEST['username'] );
+  $username = validStr($_REQUEST['username']);
  $password = isset($_REQUEST['password'])?validStr($_REQUEST['password']):'';
-  userLogin( $username, $password );
+  userLogin($username, $password);
  $refreshParent = true;
  $view = 'console';
  $redirect = ZM_BASE_URL.$_SERVER['PHP_SELF'].'?view=console';
--- a/web/index.php
+++ b/web/index.php
@ -55,7 +55,7 @@ require_once( 'includes/Monitor.php' );
 if (
  (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on')
  or
-  ($_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https')
+  (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) and ($_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https'))
 ) {
  $protocol = 'https';
 } else {