From 5d2b1ae05697e0326bd7076b4906d59ad98e9ba6 Mon Sep 17 00:00:00 2001
From: Bharat Mediratta <bharat@menalto.com>
Date: Fri, 19 Dec 2008 03:05:11 +0000
Subject: Don't try to validate the form unless it's a POST request.

---
 modules/user/controllers/login.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'modules/user/controllers')

diff --git a/modules/user/controllers/login.php b/modules/user/controllers/login.php
index 4226ef9c..3c1d6542 100644
--- a/modules/user/controllers/login.php
+++ b/modules/user/controllers/login.php
@@ -25,7 +25,7 @@ class Login_Controller extends Controller {
     $group->password("password")->label(_("Password"))->id("gPassword")->class(null);
     $group->inputs["name"]->error_messages("invalid_login", _("Invalid name or password"));
 
-    if ($form->validate()) {
+    if (request::method() == "post" && $form->validate()) {
       $user = ORM::factory("user")->where("name", $group->inputs["name"]->value)->find();
       if ($user->loaded &&
           user::is_correct_password($user, $group->password->value)) {
-- 
cgit v1.2.3