X-Git-Url: http://git.polytechnique.org/?a=blobdiff_plain;f=classes%2Fxorgsession.php;h=af7cd9e4350a043aa8fafd8d4e8a0977cd68192d;hb=9a13e83f4b39c7feaba924b724fd43497109481b;hp=73bdb9fa5747649401d7db8e64fecda23b262176;hpb=ff9e2d12d4253481dbae7ae92735a354276674a4;p=platal.git

diff --git a/classes/xorgsession.php b/classes/xorgsession.php
index 73bdb9f..af7cd9e 100644
--- a/classes/xorgsession.php
+++ b/classes/xorgsession.php
@@ -138,14 +138,19 @@ class XorgSession extends PlSession
 
         $user = User::getSilent($login);
 
-        if (!is_null($user) && S::suid()) {
-            $success = (S::suid('uid') == $user->id());
+        if (is_null($user)) {
+            Platal::page()->trigError(self::TEXT_INVALID_LOGIN);
+            $success = false;
         } else {
-            $success = $this->checkPassword($login, $user, Post::v('response'));
+            if (S::suid()) {
+                $success = (S::suid('uid') == $user->id());
+            } else {
+                $success = $this->checkPassword($login, $user, Post::v('response'));
+            }
         }
 
         if ($success) {
-            S::set('auth', AUTH_MDP);
+            S::set('auth', AUTH_PASSWD);
             S::kill('challenge');
             S::logger($user->id())->log('auth_ok');
         }
@@ -161,7 +166,7 @@ class XorgSession extends PlSession
             return true;
         }
         if ($level == AUTH_SUID) {
-            S::set('auth', AUTH_MDP);
+            S::set('auth', AUTH_PASSWD);
         }
 
         // Loads uid and hruid into the session for developement conveniance.
@@ -301,7 +306,7 @@ class XorgSession extends PlSession
 
     public function sureLevel()
     {
-        return AUTH_MDP;
+        return AUTH_PASSWD;
     }