From 37b29231e47a0c4458dc1c15d98588f16f07e1e2 Mon Sep 17 00:00:00 2001
From: Marius Cramer <m.cramer@pixcept.de>
Date: Thu, 06 Aug 2015 03:18:44 -0400
Subject: [PATCH] - don't set password via remoting if field is empty

---
 interface/web/login/logout.php |    6 ++++--
 1 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/interface/web/login/logout.php b/interface/web/login/logout.php
index 5e79629..5092aeb 100644
--- a/interface/web/login/logout.php
+++ b/interface/web/login/logout.php
@@ -43,9 +43,11 @@
 if ((isset($_SESSION['s_old']) && ($_SESSION['s_old']['user']['typ'] == 'admin' || $app->auth->has_clients($_SESSION['s_old']['user']['userid']))) &&
 	(!$forceLogout)){
 	$utype = ($_SESSION['s_old']['user']['typ'] == 'admin' ? 'admin' : 'reseller');
+	$lng_file = 'lib/lang/'.$_SESSION['s']['language'].'_login_as.lng';
+	include $lng_file;
 	echo '
 		<br /> <br />	<br /> <br />
-		Do you want to re-login as ' . $utype . ' or log out?<br />
+		'.str_replace('{UTYPE}', $utype, $wb['login_as_or_logout_txt']).'<br />
 		<div style="visibility:hidden">
 			<input type="text" name="username" value="' . $_SESSION['s_old']['user']['username'] . '" />
 			<input type="password" name="passwort" value="' . $_SESSION['s_old']['user']['passwort'] .'" />
@@ -54,7 +56,7 @@
 		<input type="hidden" name="s_pg" value="index" />
 	    <div class="wf_actions buttons">
 	      <button class="positive iconstxt icoPositive" type="button" value="Yes, re-login as ' . $utype . '" onclick="submitLoginForm(' . "'pageForm'" . ');"><span>Yes, re-login as ' . $utype . '</span></button>
-	      <button class="negative iconstxt icoNegative" type="button" value="No, logout" onclick="loadContent('. "'login/logout.php?l=1'" . ');"><span>No, logout</span></button>
+	      <button class="negative iconstxt icoNegative" type="button" value="No, logout" data-load-content="login/logout.php?l=1"><span>No, logout</span></button>
 	    </div>
 	';
 	exit;

--
Gitblit v1.9.1