Bug #24456 » 24456_v2.diff
| t3lib/class.t3lib_userauth.php | ||
|---|---|---|
|
// Make certain that NO user is set initially
|
||
|
$this->user = '';
|
||
|
// We need a PHP session session for most login levels
|
||
|
session_start();
|
||
|
// Check to see if anyone has submitted login-information and if so register the user with the session. $this->user[uid] may be used to write log...
|
||
|
$this->checkAuthentication();
|
||
| ... | ... | |
|
// Check challenge stored in cookie:
|
||
|
if ($this->challengeStoredInCookie) {
|
||
|
session_start();
|
||
|
if ($_SESSION['login_challenge'] !== $loginData['chalvalue']) {
|
||
|
if ($this->writeDevLog) {
|
||
|
t3lib_div::devLog('PHP Session stored challenge "' . $_SESSION['login_challenge'] . '" and submitted challenge "' . $loginData['chalvalue'] . '" did not match, so authentication failed!', 't3lib_userAuth', 2);
|
||