Fix captcha on login page

README.md

@@ -95,7 +95,7 @@ ln -s /etc/systemd/system/hosting.timer /etc/systemd/system/multi-user.target.wa
 Add empty directories that should be copied when creating a new user and set permissions correctly:
 ```
 mkdir /var/www/skel/data /var/www/skel/Maildir /var/www/skel/tmp
-chmod 700 /var/www/skel/data /var/www/skel/Maildir /var/www/skel/tmp /var/www/skel/www
+chmod 750 /var/www/skel/data /var/www/skel/Maildir /var/www/skel/tmp /var/www/skel/www
 ```
 
 Live demo:

var/www/html/login.php

@@ -12,6 +12,7 @@ if(!empty($_SESSION['hosting_username'])){
 	exit;
 }
 $msg='';
+$username='';
 if($_SERVER['REQUEST_METHOD']==='POST'){
 	$ok=true;
 	if(CAPTCHA){
@@ -53,16 +54,21 @@ if($_SERVER['REQUEST_METHOD']==='POST'){
 		if($tmp){
 			if(!isset($_POST['pass']) || !password_verify($_POST['pass'], $tmp[1])){
 				$msg.='<p style="color:red;">Error, wrong password.</p>';
+				$ok=false;
 			}else{
-				$_SESSION['hosting_username']=$tmp[0];
-				session_write_close();
-				header('Location: home.php');
-				exit;
+				$username=$tmp[0];
 			}
 		}else{
 			$msg.='<p style="color:red;">Error, username was not found. If you forgot it, you can enter youraccount.onion instead.</p>';
+			$ok=false;
 		}
 	}
+	if($ok){
+		$_SESSION['hosting_username']=$username;
+		session_write_close();
+		header('Location: home.php');
+		exit;
+	}
 }
 echo '<!DOCTYPE html><html><head>';
 echo '<title>Daniel\'s Hosting - Login</title>';