Fix bug with 2-factor auth not logging in

2017-05-26 00:04:30 -06:00 · 2017-05-26 00:04:30 -06:00 · 94df144321
commit 94df144321
parent 1a11f365f8
2 changed files with 2 additions and 0 deletions
--- a/database.mwb
+++ b/database.mwb
--- a/index.php
+++ b/index.php
@ -6,6 +6,7 @@ require_once __DIR__ . "/lib/login.php";
 // If we're logged in, we don't need to be here.
 if ($_SESSION['loggedin'] && !is_empty($_SESSION['password'])) {
    header('Location: home.php');
+    die();
 // This branch will likely run if the user signed in from a different app.
 } else if ($_SESSION['loggedin'] && is_empty($_SESSION['password'])) {
    $alert = lang("sign in again", false);
@ -54,6 +55,7 @@ if ($VARS['progress'] == "1") {
                    $_SESSION['passok'] = true; // stop logins using only username and authcode
                    if (userHasTOTP($VARS['username'])) {
                        $multiauth = true;
+                        $_SESSION['password'] = $VARS['password'];
                    } else {
                        doLoginUser($VARS['username'], $VARS['password']);
                        insertAuthLog(1, $_SESSION['uid']);