/** * Display a login form */ public function loginFormAction() { $https = fz_config_get('app', 'https'); if ($this->getAuthHandler()->isSecured()) { fz_redirect_to('/', $https == 'always'); } if ($https == 'always' || $https == 'login_only') { fz_force_https(); } set('username', array_key_exists('username', $_POST) ? $_POST['username'] : ''); return html('auth/loginForm.php'); }
/** * Display a login form */ public function loginFormAction() { $https = fz_config_get('app', 'https'); if ($this->getAuthHandler()->isSecured()) { fz_redirect_to('/', $https == 'always'); } if ($https == 'always' || $https == 'login_only') { fz_force_https(); } if (isset($_SESSION['token']) && $_POST['token'] == $_SESSION['token']) { set('username', array_key_exists('username', $_POST) ? $_POST['username'] : ''); } $token = md5(uniqid(rand(), true)); $_SESSION['token'] = $token; return html('auth/loginForm.php'); }