summaryrefslogtreecommitdiff
path: root/actions
diff options
context:
space:
mode:
Diffstat (limited to 'actions')
-rw-r--r--actions/finishremotesubscribe.php13
-rw-r--r--actions/login.php9
2 files changed, 15 insertions, 7 deletions
diff --git a/actions/finishremotesubscribe.php b/actions/finishremotesubscribe.php
index b1cec66f4..deee70f36 100644
--- a/actions/finishremotesubscribe.php
+++ b/actions/finishremotesubscribe.php
@@ -89,12 +89,16 @@ class FinishremotesubscribeAction extends Action
}
$remote = Remote_profile::staticGet('uri', $service->getListenerURI());
+ if ($remote) {
+ // Note remote profile may not have been saved yet.
+ // @fixme not convinced this is correct at all!
- $profile = Profile::staticGet($remote->id);
+ $profile = Profile::staticGet($remote->id);
- if ($user->hasBlocked($profile)) {
- $this->clientError(_('That user has blocked you from subscribing.'));
- return;
+ if ($user->hasBlocked($profile)) {
+ $this->clientError(_('That user has blocked you from subscribing.'));
+ return;
+ }
}
/* Perform the handling itself via libomb. */
@@ -122,6 +126,7 @@ class FinishremotesubscribeAction extends Action
/* The service URLs are not accessible from datastore, so setting them
after insertion of the profile. */
+ $remote = Remote_profile::staticGet('uri', $service->getListenerURI());
$orig_remote = clone($remote);
$remote->postnoticeurl =
diff --git a/actions/login.php b/actions/login.php
index cee29fd09..cd1326813 100644
--- a/actions/login.php
+++ b/actions/login.php
@@ -79,8 +79,6 @@ class LoginAction extends Action
$this->clientError(_('Already logged in.'));
} else if ($_SERVER['REQUEST_METHOD'] == 'POST') {
$this->checkLogin();
- } else if (isset($args['user_id']) && isset($args['token'])){
- $this->checkLogin($args['user_id'],$args['token']);
} else {
common_ensure_session();
$this->showForm();
@@ -97,7 +95,7 @@ class LoginAction extends Action
* @return void
*/
- function checkLogin($user_id=null, $token=null)
+ function checkLogin()
{
if(isset($token) && isset($user_id)){
//Token based login (from the LoginCommand)
@@ -139,6 +137,11 @@ class LoginAction extends Action
$user = common_check_user($nickname, $password);
}
+ $nickname = common_canonical_nickname($this->trimmed('nickname'));
+ $password = $this->arg('password');
+
+ $user = common_check_user($nickname, $password);
+
if (!$user) {
$this->showForm(_('Incorrect username or password.'));
return;