IndexController: ensure successful login after entering incorrect use…

…rname - Return user to login form after failed login and ensure post variables are cleared. - Return user to site root after logout, which fixes redirect loop when using REMOTE_USER and logging out. fixes #268, #269
uzerpllp · Nov 2, 2023 · 480171f · 480171f
1 parent bf844c9
commit 480171f
Showing 1 changed file with 2 additions and 15 deletions.
diff --git a/modules/public_pages/login/controllers/IndexController.php b/modules/public_pages/login/controllers/IndexController.php
@@ -273,8 +273,8 @@ public function login()
             $flash->addError('Incorrect username or password');
             $this->logger->warning('FAILED LOGIN, Incorrect username or password, or user access disabled', array('username' => $this->username));
         }
-        $this->index();
-        $this->_templateName = $this->getTemplateName('index');
+        sendTo('index');
+        exit();
     }
 
     /**
@@ -458,11 +458,6 @@ public function requestpassword()
         }
     }
 
-    function __call($func, $args)
-    {
-        $this->_templateName = $this->getTemplateName('index');
-        return $this->index();
-    }
 
     function logout()
     {
@@ -479,14 +474,6 @@ function logout()
         //remove session cookie
         addCookie(session_name(), '', 0);
 
-        // don't go to login form for non-interactive logins
-        $injector = $this->_injector;
-        $authentication = $injector->Instantiate('LoginHandler');
-        if (! $authentication->interactive()) {
-            $this->_templateName = $this->getTemplateName('logout');
-            return $this->index();
-        }
-
         header("Location: /");
         exit();
     }