SimpleMachines /
SMF2.1
| @@ 86-87 (lines=2) @@ | ||
| 83 | global $cookiename, $modSettings, $context, $sourcedir, $maintenance; |
|
| 84 | ||
| 85 | // Check to ensure we're forcing SSL for authentication |
|
| 86 | if (!empty($modSettings['force_ssl']) && empty($maintenance) && !httpsOn()) |
|
| 87 | fatal_lang_error('login_ssl_required'); |
|
| 88 | ||
| 89 | // Load cookie authentication stuff. |
|
| 90 | require_once($sourcedir . '/Subs-Auth.php'); |
|
| @@ 446-447 (lines=2) @@ | ||
| 443 | if (!empty($_POST['tfa_code']) && empty($_POST['tfa_backup'])) |
|
| 444 | { |
|
| 445 | // Check to ensure we're forcing SSL for authentication |
|
| 446 | if (!empty($modSettings['force_ssl']) && empty($maintenance) && !httpsOn()) |
|
| 447 | fatal_lang_error('login_ssl_required'); |
|
| 448 | ||
| 449 | $code = $_POST['tfa_code']; |
|
| 450 | ||
| @@ 469-470 (lines=2) @@ | ||
| 466 | elseif (!empty($_POST['tfa_backup'])) |
|
| 467 | { |
|
| 468 | // Check to ensure we're forcing SSL for authentication |
|
| 469 | if (!empty($modSettings['force_ssl']) && empty($maintenance) && !httpsOn()) |
|
| 470 | fatal_lang_error('login_ssl_required'); |
|
| 471 | ||
| 472 | $backup = $_POST['tfa_backup']; |
|
| 473 | ||
| @@ 598-599 (lines=2) @@ | ||
| 595 | if ($check_password) |
|
| 596 | { |
|
| 597 | // Check to ensure we're forcing SSL for authentication |
|
| 598 | if (!empty($modSettings['force_ssl']) && empty($maintenance) && !httpsOn()) |
|
| 599 | fatal_lang_error('login_ssl_required'); |
|
| 600 | ||
| 601 | // You didn't even enter a password! |
|
| 602 | if (trim($_POST['oldpasswrd']) == '') |
|
| @@ 219-220 (lines=2) @@ | ||
| 216 | validateToken('register'); |
|
| 217 | ||
| 218 | // Check to ensure we're forcing SSL for authentication |
|
| 219 | if (!empty($modSettings['force_ssl']) && empty($maintenance) && !httpsOn()) |
|
| 220 | fatal_lang_error('register_ssl_required'); |
|
| 221 | ||
| 222 | // Start collecting together any errors. |
|
| 223 | $reg_errors = array(); |
|
| @@ 58-59 (lines=2) @@ | ||
| 55 | if (isset($_POST[$type . '_pass'])) |
|
| 56 | { |
|
| 57 | // Check to ensure we're forcing SSL for authentication |
|
| 58 | if (!empty($modSettings['force_ssl']) && empty($maintenance) && !httpsOn()) |
|
| 59 | fatal_lang_error('login_ssl_required'); |
|
| 60 | ||
| 61 | checkSession(); |
|
| 62 | ||
| @@ 4044-4045 (lines=2) @@ | ||
| 4041 | if (empty($user_settings['tfa_secret']) && $context['user']['is_owner']) |
|
| 4042 | { |
|
| 4043 | // Check to ensure we're forcing SSL for authentication |
|
| 4044 | if (!empty($modSettings['force_ssl']) && empty($maintenance) && !httpsOn()) |
|
| 4045 | fatal_lang_error('login_ssl_required'); |
|
| 4046 | ||
| 4047 | // In some cases (forced 2FA or backup code) they would be forced to be redirected here, |
|
| 4048 | // we do not want too much AJAX to confuse them. |
|
