KaiRo bug 371 - Make design somewhat more appealing

[authserver.git] / authorize.php

diff --git a/authorize.php b/authorize.php
index 33ffd09fc173be3807f574f6c27acb17b97e77d8..0740e23d152880eae48d826cad511c9b780cd9a9 100644 (file)
--- a/authorize.php
+++ b/authorize.php
@@ -22,6 +22,7 @@ $title->appendText('Authorization Request | KaiRo.at');
 $h1 = $body->appendElement('h1', 'KaiRo.at Authentication Server');
 
 $errors = $utils->checkForSecureConnection();
+$utils->sendSecurityHeaders();
 
 $para = $body->appendElement('p', _('This login system does not work without JavaScript. Please activate JavaScript for this site to log in.'));
 $para->setAttribute('id', 'jswarning');
@@ -71,7 +72,7 @@ if (!count($errors)) {
     }
     else {
       // Handle authorize request, forwarding code in GET parameters if the user has authorized your client.
-      $is_authorized = (($_POST['authorized'] === 'yes') || ($request->query['scope'] == 'email'));
+      $is_authorized = ((@$_POST['authorized'] === 'yes') || ($request->query['scope'] == 'email'));
       $server->handleAuthorizeRequest($request, $response, $is_authorized, $user['id']);
       /* For testing only
       if ($is_authorized) {