From 782c416cb46c9b3029f344d1adbd706180e1cbf7 Mon Sep 17 00:00:00 2001 From: Jimako Date: Wed, 7 Sep 2022 13:28:09 +0200 Subject: [PATCH] Fix for #4860 and correct fix for #3983 - correct second authorization with continue on second auth there was no invalid login CLOSES #4860 CLOSES #3983 --- e107_handlers/login.php | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/e107_handlers/login.php b/e107_handlers/login.php index 3cf64d937b..6ca0365f18 100644 --- a/e107_handlers/login.php +++ b/e107_handlers/login.php @@ -117,9 +117,9 @@ public function login($username, $userpass, $autologin, $response = '', $noredir $authMethod[0] = varset($pref['auth_method'], 'e107'); // Primary authentication method $authMethod[1] = varset($pref['auth_method2'], 'none'); // Secondary authentication method (if defined) $result = false; - foreach ($authMethod as $method) + foreach ($authMethod as $key => $method) { - if ($method == 'e107' OR $method == 'e107db') + if ($method == 'e107') { if ($this->lookupUser($username, $forceLogin)) { @@ -161,6 +161,9 @@ public function login($username, $userpass, $autologin, $response = '', $noredir $authorized = true; break; case LOGIN_TRY_OTHER: + if ($key === array_key_last($authMethod)) { + return $this->invalidLogin($username,LOGIN_ABORT); + } continue 2; break; }