diff options
| author | Evan Prodromou <evan@controlyourself.ca> | 2009-02-05 11:46:17 -0500 |
|---|---|---|
| committer | Evan Prodromou <evan@controlyourself.ca> | 2009-02-05 11:46:17 -0500 |
| commit | 7ad3ff4a2cd494ef8c1cc293e15c0a70b8786fee (patch) | |
| tree | 75d8718b5a0607dd80b5474c977508a85cf6d19a /actions/finishopenidlogin.php | |
| parent | a97f8f6a43b27b3392ef9b03be58e37d743f394d (diff) | |
Allow re-authentication with OpenID
"Rememberme" logins aren't allowed to make changes to an account
(since cookie-stealing is too easy). Users have to re-authenticate.
Previously, it was impossible to do so without having a username and
password; this change lets you do it with OpenID, too.
Diffstat (limited to 'actions/finishopenidlogin.php')
| -rw-r--r-- | actions/finishopenidlogin.php | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/actions/finishopenidlogin.php b/actions/finishopenidlogin.php index 880a9505b..bc9151120 100644 --- a/actions/finishopenidlogin.php +++ b/actions/finishopenidlogin.php @@ -30,7 +30,7 @@ class FinishopenidloginAction extends Action function handle($args) { parent::handle($args); - if (common_logged_in()) { + if (common_is_real_login()) { $this->clientError(_('Already logged in.')); } else if ($_SERVER['REQUEST_METHOD'] == 'POST') { $token = $this->trimmed('token'); |