mirror of
https://github.com/postfixadmin/postfixadmin.git
synced 2024-09-19 19:22:14 +02:00
login.php was writing to $_SESSION just before the 'init_session' function was called which just overwrote everything, so reorder code to fix #795
see https://github.com/postfixadmin/postfixadmin/issues/795 (thanks @kwitkow)
This commit is contained in:
parent
6b5801c666
commit
0632d39d0c
@ -82,16 +82,19 @@ if ($_SERVER['REQUEST_METHOD'] == "POST") {
|
|||||||
|
|
||||||
$adminproperties = $h->result();
|
$adminproperties = $h->result();
|
||||||
|
|
||||||
if ($adminproperties['superadmin'] == 1) {
|
|
||||||
$_SESSION['sessid']['roles'][] = 'global-admin';
|
|
||||||
}
|
|
||||||
|
|
||||||
if ($totppf->usesTOTP($fUsername)) {
|
if ($totppf->usesTOTP($fUsername)) {
|
||||||
init_session($fUsername, true, false);
|
init_session($fUsername, true, false);
|
||||||
header("Location: login-mfa.php");
|
header("Location: login-mfa.php");
|
||||||
exit(0);
|
exit(0);
|
||||||
}
|
}
|
||||||
|
|
||||||
init_session($fUsername, true, true);
|
init_session($fUsername, true, true);
|
||||||
|
|
||||||
|
if ($adminproperties['superadmin'] == 1) {
|
||||||
|
$_SESSION['sessid']['roles'][] = 'global-admin';
|
||||||
|
}
|
||||||
|
|
||||||
header("Location: main.php");
|
header("Location: main.php");
|
||||||
exit(0);
|
exit(0);
|
||||||
} else { # $h->login failed
|
} else { # $h->login failed
|
||||||
|
Loading…
Reference in New Issue
Block a user