Fixes: #2669 SSL check in password recovery was in the wrong place

f43807f8 · Côme Bernigaud · Benoit Mortier · d43020ba · f43807f8 · f43807f8
Commit f43807f8 authored 11 years ago by Côme Bernigaud Committed by Benoit Mortier 11 years ago
Hide whitespace changes
Inline Side-by-side

Showing

with 8 additions and 10 deletions
+8 -10
--- a/html/class_passwordRecovery.inc
+++ b/html/class_passwordRecovery.inc
@@ -56,7 +56,7 @@ class passwordRecovery {
  /* Constructor */
  function passwordRecovery()
  {
-    global $config;
+    global $config, $ssl;
    /* Destroy old session if exists.
        Else you will get your old session back, if you not logged out correctly. */
    session::destroy();
@@ -66,6 +66,13 @@ class passwordRecovery {
    reset_errors();
    $config       = $this->loadConfig();
+    /* If SSL is forced, just forward to the SSL enabled site */
+    if (($config->get_cfg_value("forcessl") == "TRUE") && ($ssl != '')) {
+      header ("Location: $ssl");
+      exit;
+    }
    $this->config = $config;
    $this->setupSmarty();

--- a/html/recovery.php
+++ b/html/recovery.php
@@ -22,15 +22,6 @@ require_once("../include/php_setup.inc");
 require_once("functions.inc");
 require_once("variables.inc");
-$config = session::global_get('config');
-/* If SSL is forced, just forward to the SSL enabled site */
-if (($config->get_cfg_value("forcessl") == "TRUE") && ($ssl != '')) {
-  header ("Location: $ssl");
-  exit;
-}
 $pwRecovery = new passwordRecovery();
 $pwRecovery->execute();