Added improved messaging
diff --git a/php/change_password.php b/php/change_password.php
index 82ffcde..6f13127 100644
--- a/php/change_password.php
+++ b/php/change_password.php
@@ -4,7 +4,7 @@
// Check if confirmation is the same
if ($_POST['password'] != $_POST['confirmation']) {
- header("Location: ../main.php?wrong_password=1");
+ header("Location: ../main.php?wrongconfirmation=1");
die();
} else {
// Execute query to change password
diff --git a/php/login.php b/php/login.php
index 4219e2c..9fcdc39 100644
--- a/php/login.php
+++ b/php/login.php
@@ -22,13 +22,17 @@
// Redirect if wrong
if ($real_password != "" && $real_password != md5($password)) {
+ // Forget cookies
+ setcookie('user', '', -1, "/");
+ setcookie('password', '', -1, "/");
+
header("Location: ../index.php?wrongpassword=1");
die();
}
// Save variables as cookies
setcookie('user', $user, time() + (86400 * 10), "/");
- if ($real_password != "") setcookie('password', $password, time() + (86400 * 10), "/");
+ if ($real_password != "") setcookie('password', md5($password), time() + (86400 * 10), "/");
else setcookie('password', '', -1, "/");
// Success, proceed to main page