From 52ba793640e30811c1168fda88b47d930b79ec2c Mon Sep 17 00:00:00 2001
From: FusionPBX <markjcrane@gmail.com>
Date: Sat, 1 Jul 2017 09:44:34 -0600
Subject: [PATCH] Update check_auth.php

---
 resources/check_auth.php | 15 +++++++--------
 1 file changed, 7 insertions(+), 8 deletions(-)

diff --git a/resources/check_auth.php b/resources/check_auth.php
index 7ccdbaab51..ffba0f7831 100644
--- a/resources/check_auth.php
+++ b/resources/check_auth.php
@@ -45,6 +45,13 @@
 	if (!isset($_SESSION['login']['destination']['url'])) { $_SESSION['login']['destination']['url'] = null; }
 	if (!isset($_SESSION['template_content'])) { $_SESSION["template_content"] = null; }
 
+//if the username is not provided then send to login.php
+	if (strlen($_REQUEST["username"]) == 0 && strlen($_REQUEST["key"]) == 0) {
+		$target_path = ($_REQUEST["path"] != '') ? $_REQUEST["path"] : $_SERVER["REQUEST_URI"];
+		header("Location: ".PROJECT_PATH."/login.php?path=".urlencode($target_path));
+		exit;
+	}
+
 //if the username session is not set the check username and password
 	if (strlen($_SESSION['username']) == 0 && isset($_REQUEST["username"]) && isset($_REQUEST["password"])) {
 
@@ -56,14 +63,6 @@
 				$_SESSION["template_content"] = '';
 			}
 
-		//if the username is not provided then send to login.php
-			if (strlen($_REQUEST["username"]) == 0 && strlen($_REQUEST["key"]) == 0) {
-				$target_path = ($_REQUEST["path"] != '') ? $_REQUEST["path"] : $_SERVER["REQUEST_URI"];
-				messages::add($text['message-invalid_credentials'], 'negative');
-				header("Location: ".PROJECT_PATH."/login.php?path=".urlencode($target_path));
-				exit;
-			}
-
 		//validate the username and password
 			$auth = new authentication;
 			if (strlen($_REQUEST["username"]) > 0) {