Merge branch 'master' of https://github.com/savetheinternet/Tinyboard

11 years ago · b4efebae55
3 changed files with 8 additions and 5 deletions
--- a/inc/mod/auth.php
+++ b/inc/mod/auth.php
@ -49,7 +49,7 @@ function login($username, $password, $makehash=true) {
 			'username' => $username,
 			'hash' => mkhash($username, $password),
 			'boards' => explode(',', $user['boards'])
-			);
+		);
 	} else return false;
 }
@ -108,7 +108,7 @@ if (isset($_COOKIE[$config['cookies']['mod']])) {
 	$user = $query->fetch();
 	// validate password hash
-	if ($cookie[1] != mkhash($cookie[0], $user['password'], $cookie[2])) {
+	if ($cookie[1] !== mkhash($cookie[0], $user['password'], $cookie[2])) {
 		// Malformed cookies
 		destroyCookies();
 		error($config['error']['malformed']);
--- a/inc/mod/pages.php
+++ b/inc/mod/pages.php
@ -28,7 +28,7 @@ function mod_page($title, $template, $args, $subtitle = false) {
 	);
 }
-function mod_login() {
+function mod_login($redirect = false) {
 	global $config;
 	$args = array();
@ -49,7 +49,10 @@ function mod_login() {
 			// Set cookies
 			setCookies();
-			header('Location: ?/', true, $config['redirect_http']);
+			if ($redirect)
 				header('Location: ?' . $redirect, true, $config['redirect_http']);
 			else
 				header('Location: ?/', true, $config['redirect_http']);
 		}
 	}
--- a/mod.php
+++ b/mod.php
@ -91,7 +91,7 @@ $pages = array(
 if (!$mod) {
-	$pages = array('!!' => 'login');
+	$pages = array('!^(.+)?$!' => 'login');
 } elseif (isset($_GET['status'], $_GET['r'])) {
 	header('Location: ' . $_GET['r'], true, (int)$_GET['status']);
 	exit;