diff options
Diffstat (limited to 'actions')
-rw-r--r-- | actions/finishremotesubscribe.php | 13 | ||||
-rw-r--r-- | actions/login.php | 9 |
2 files changed, 15 insertions, 7 deletions
diff --git a/actions/finishremotesubscribe.php b/actions/finishremotesubscribe.php index b1cec66f4..deee70f36 100644 --- a/actions/finishremotesubscribe.php +++ b/actions/finishremotesubscribe.php @@ -89,12 +89,16 @@ class FinishremotesubscribeAction extends Action } $remote = Remote_profile::staticGet('uri', $service->getListenerURI()); + if ($remote) { + // Note remote profile may not have been saved yet. + // @fixme not convinced this is correct at all! - $profile = Profile::staticGet($remote->id); + $profile = Profile::staticGet($remote->id); - if ($user->hasBlocked($profile)) { - $this->clientError(_('That user has blocked you from subscribing.')); - return; + if ($user->hasBlocked($profile)) { + $this->clientError(_('That user has blocked you from subscribing.')); + return; + } } /* Perform the handling itself via libomb. */ @@ -122,6 +126,7 @@ class FinishremotesubscribeAction extends Action /* The service URLs are not accessible from datastore, so setting them after insertion of the profile. */ + $remote = Remote_profile::staticGet('uri', $service->getListenerURI()); $orig_remote = clone($remote); $remote->postnoticeurl = diff --git a/actions/login.php b/actions/login.php index cee29fd09..cd1326813 100644 --- a/actions/login.php +++ b/actions/login.php @@ -79,8 +79,6 @@ class LoginAction extends Action $this->clientError(_('Already logged in.')); } else if ($_SERVER['REQUEST_METHOD'] == 'POST') { $this->checkLogin(); - } else if (isset($args['user_id']) && isset($args['token'])){ - $this->checkLogin($args['user_id'],$args['token']); } else { common_ensure_session(); $this->showForm(); @@ -97,7 +95,7 @@ class LoginAction extends Action * @return void */ - function checkLogin($user_id=null, $token=null) + function checkLogin() { if(isset($token) && isset($user_id)){ //Token based login (from the LoginCommand) @@ -139,6 +137,11 @@ class LoginAction extends Action $user = common_check_user($nickname, $password); } + $nickname = common_canonical_nickname($this->trimmed('nickname')); + $password = $this->arg('password'); + + $user = common_check_user($nickname, $password); + if (!$user) { $this->showForm(_('Incorrect username or password.')); return; |