Don't regenerate token with invalid login

author jakubvrana <jakubvrana@7c3ca157-0c34-0410-bff1-cbf682f78f5c>

Wed, 11 Jul 2007 08:19:41 +0000 (08:19 +0000)

committer jakubvrana <jakubvrana@7c3ca157-0c34-0410-bff1-cbf682f78f5c>

Wed, 11 Jul 2007 08:19:41 +0000 (08:19 +0000)
author jakubvrana <jakubvrana@7c3ca157-0c34-0410-bff1-cbf682f78f5c>
Wed, 11 Jul 2007 08:19:41 +0000 (08:19 +0000)
committer jakubvrana <jakubvrana@7c3ca157-0c34-0410-bff1-cbf682f78f5c>
Wed, 11 Jul 2007 08:19:41 +0000 (08:19 +0000)
diff --git a/auth.inc.php b/auth.inc.php

index 41e9ab837e16018c348777df6021296aef3583fd..3806d71dffc376e12d8bfce534c5a1128614f02c 100644 (file)
--- a/auth.inc.php
+++ b/auth.inc.php
@@ -30,7 +30,7 @@ if (isset($_POST["server"])) {
  }
  
  if (!isset($_SESSION["usernames"][$_GET["server"]]) || !$mysql->connect($_GET["server"], $_SESSION["usernames"][$_GET["server"]], $_SESSION["passwords"][$_GET["server"]])) {
-       if ($_POST["token"]) {
+       if ($_POST["token"] && !isset($_SESSION["usernames"][$_GET["server"]])) {
                 $_POST["token"] = token();
         }
         page_header(lang('Login'));
author	jakubvrana <jakubvrana@7c3ca157-0c34-0410-bff1-cbf682f78f5c>
	Wed, 11 Jul 2007 08:19:41 +0000 (08:19 +0000)
committer	jakubvrana <jakubvrana@7c3ca157-0c34-0410-bff1-cbf682f78f5c>
	Wed, 11 Jul 2007 08:19:41 +0000 (08:19 +0000)