Fix handling of failed authentication loading

In the case of a failed authentication initialization, the authentication setup was simply continued with an unset $auth object. This restores the previous behavior (before merging #141) of simply returning after unsetting $auth. Furthermore this re-introduces the check if $auth is set before checking $auth and removes a useless check if $auth is true (could never be false).
dokuwiki · Feb 20, 2013 · 6416b70 · 6416b70
1 parent a4ce95c
commit 6416b70
Showing 1 changed file with 3 additions and 2 deletions.
diff --git a/inc/auth.php b/inc/auth.php
@@ -54,16 +54,17 @@ function auth_setup() {
     	}
     }
 
-	if(!$auth){
+	if(!isset($auth) || !$auth){
         msg($lang['authtempfail'], -1);
         return false;
     }
 
-	if ($auth && $auth->success == false) {
+    if ($auth->success == false) {
 		// degrade to unauthenticated user
 	    unset($auth);
 	    auth_logoff();
 	    msg($lang['authtempfail'], -1);
+        return false;
 	}
 
     // do the login either by cookie or provided credentials XXX