Sometimes, user would have to press "Go" to login automatically. Which (logically) is annoying. I tracked down the Go button to the code below. Experimentally I removed this code (commented it) and the autologin hack seemed to function perfectly.
Therefore my question: What are the consequences of removing this code? (I'm not a PHP programmer ;))
Quote:
} else {
// confirm if some queries exist (against GET CSRF)
include XOOPS_ROOT_PATH . '/header.php' ;
echo '
<div class="confirmMsg">
<h4>'._LOGIN.'</h4>
<form method="post" action="'.XOOPS_URL.'/user.php?op=login">
<input type="hidden" name="xoops_redirect" value="'.htmlspecialchars( $GLOBALS['xoopsRequestUri'], ENT_QUOTES ).'" />' ;
echo $GLOBALS['xoopsSecurity']->getTokenHTML();
echo '
<input type="submit" name="confirm_submit" value="'._GO.'" />
</form>
</div>';
include XOOPS_ROOT_PATH . '/footer.php' ;
exit ;
}