diff --git a/includes/access.php b/includes/access.php
index 0449d11..2edeaaa 100644
--- a/includes/access.php
+++ b/includes/access.php
@@ -60,7 +60,7 @@ class="wide" type='text' name='input_user' />
session_start();
-if(!$_SESSION['authenticated']) {
+if(!isset($_SESSION['authenticated'])) {
if (isset($_COOKIE['todotxt-user']) && isset($_COOKIE['todotxt-pass'])) {
@@ -71,7 +71,7 @@ class="wide" type='text' name='input_user' />
displayform(1);
}
- } elseif($_POST['loginbutton']) {
+ } elseif(isset($_POST['loginbutton'])) {
if (($_POST['input_user'] == $user) && ($_POST['input_password'] == $password)) {
@@ -82,7 +82,7 @@ class="wide" type='text' name='input_user' />
setcookie('todotxt-pass', md5($_POST['input_password']), $expire);
}
$_SESSION['authenticated'] = 1;
- header("Location:".$todoURL);
+ header("Location:".$todoUrl);
} else {
displayform(1);
diff --git a/includes/todo.php b/includes/todo.php
index b1d8759..0dc1f8b 100644
--- a/includes/todo.php
+++ b/includes/todo.php
@@ -2,11 +2,12 @@
// process $_POST
function get_cmd($_POST, $id='cmd') {
- if($cmd=$_POST[$id]) {
+ if(isset($_POST[$id]) && $cmd=$_POST[$id]) {
$cmd=rawurldecode($cmd);
$cmd=stripslashes($cmd);
}
- return $cmd;
+ if(isset($cmd))
+ return $cmd;
}
// checks if a command is an ls command or not
diff --git a/index.php b/index.php
index edf1e49..a79c1f1 100644
--- a/index.php
+++ b/index.php
@@ -2,7 +2,7 @@
require_once('includes/config.php');
require_once('includes/access.php');
require_once('includes/todo.php');
-if($_GET['logout'] == 'true') {logout();}
+if(isset($_GET['logout'])) { $_GET['logout'] == 'true' ? logout() : '';}
$cmd = get_cmd($_POST);
$cmd2 = get_cmd($_POST, 'cmd2');
?>