Login page not showing "Invalid Username and/or Password" message

[GoogleCodeExporter]

1. Go to login page
2. Enter invalid login information
3. The login page will reload, but no error message will be displayed.

The message "Invalid Username and/or Password" is getting set into a session 
var in check_auth.php before the redirect, but that doesn't seem to be 
persisting (couldn't find it in an output of all session vars)

Version 3.7.1, Debian 7.7

I'm still poking at this - will post anything I find.

Original issue reported on code.google.com by teleut...@gmail.com on 12 Dec 2014 at 9:13

[GoogleCodeExporter]

The check_auth is setting that message, but the session is getting completely 
cleared at the start of /login.php.  Also, resources/login.php seems to be 
looking for $msg in GET (which I think was the older way of doing it?)

As a test, before the session_destroy call in login.php, I get $_GET['msg'] to 
$_SESSION['message'].  Then in resources/login.php I changed one of the cases 
in the case statement to match the login text.  That connected and displayed 
the invalid login message.  Obviously not the right way to do it, but I wanted 
to see what pieces were still active/being looked for.

Original comment by teleut...@gmail.com on 12 Dec 2014 at 9:26

[GoogleCodeExporter]

Fixed with r8228.  Please update, and verify.  Thanks.

Original comment by sevenate on 14 Apr 2015 at 1:37

• Changed state: Fixed

[GoogleCodeExporter]

I'm out of the office for a while but will try as soon as I get a chance.  
Thanks!

Original comment by teleut...@gmail.com on 14 Apr 2015 at 7:04