Merge updates: better name comparison.

[platal.git] / classes / xorgsession.php

diff --git a/classes/xorgsession.php b/classes/xorgsession.php
index 73bdb9f..af7cd9e 100644 (file)
--- a/classes/xorgsession.php
+++ b/classes/xorgsession.php
@@ -138,14 +138,19 @@ class XorgSession extends PlSession
 
         $user = User::getSilent($login);
 
-        if (!is_null($user) && S::suid()) {
-            $success = (S::suid('uid') == $user->id());
+        if (is_null($user)) {
+            Platal::page()->trigError(self::TEXT_INVALID_LOGIN);
+            $success = false;
         } else {
-            $success = $this->checkPassword($login, $user, Post::v('response'));
+            if (S::suid()) {
+                $success = (S::suid('uid') == $user->id());
+            } else {
+                $success = $this->checkPassword($login, $user, Post::v('response'));
+            }
         }
 
         if ($success) {
-            S::set('auth', AUTH_MDP);
+            S::set('auth', AUTH_PASSWD);
             S::kill('challenge');
             S::logger($user->id())->log('auth_ok');
         }
@@ -161,7 +166,7 @@ class XorgSession extends PlSession
             return true;
         }
         if ($level == AUTH_SUID) {
-            S::set('auth', AUTH_MDP);
+            S::set('auth', AUTH_PASSWD);
         }
 
         // Loads uid and hruid into the session for developement conveniance.
@@ -301,7 +306,7 @@ class XorgSession extends PlSession
 
     public function sureLevel()
     {
-        return AUTH_MDP;
+        return AUTH_PASSWD;
     }