Merge remote-tracking branch 'origin/support/2.7' into support/3.0

# Conflicts:
#	application/loginbasic.class.inc.php
#	application/loginexternal.class.inc.php
#	application/loginform.class.inc.php
#	application/loginurl.class.inc.php

application/loginbasic.class.inc.php

@@ -62,6 +62,8 @@ class LoginBasic extends AbstractLoginFSMExtension
 				$iErrorCode = LoginWebPage::EXIT_CODE_WRONGCREDENTIALS;
 				return LoginWebPage::LOGIN_FSM_ERROR;
 			}
+			// Save the checked user
+			$_SESSION['auth_user'] = $sAuthUser;
 		}
 		return LoginWebPage::LOGIN_FSM_CONTINUE;
 	}
@@ -70,8 +72,8 @@ class LoginBasic extends AbstractLoginFSMExtension
 	{
 		if (Session::Get('login_mode') == 'basic')
 		{
-			list($sAuthUser) = $this->GetAuthUserAndPassword();
-			LoginWebPage::OnLoginSuccess($sAuthUser, 'internal', Session::Get('login_mode'));
+			$sAuthUser = $_SESSION['auth_user'];
+			LoginWebPage::OnLoginSuccess($sAuthUser, 'internal', $_SESSION['login_mode']);
 		}
 		return LoginWebPage::LOGIN_FSM_CONTINUE;
 	}

application/loginexternal.class.inc.php

@@ -45,6 +45,8 @@ class LoginExternal extends AbstractLoginFSMExtension
 				$iErrorCode = LoginWebPage::EXIT_CODE_WRONGCREDENTIALS;
 				return LoginWebPage::LOGIN_FSM_ERROR;
 			}
+			// Save the checked user
+			$_SESSION['auth_user'] = $sAuthUser;
 		}
 		return LoginWebPage::LOGIN_FSM_CONTINUE;
 	}
@@ -53,8 +55,8 @@ class LoginExternal extends AbstractLoginFSMExtension
 	{
 		if (Session::Get('login_mode') == 'external')
 		{
-			$sAuthUser = $this->GetAuthUser();
-			LoginWebPage::OnLoginSuccess($sAuthUser, 'external', Session::Get('login_mode'));
+			$sAuthUser = $_SESSION['auth_user'];
+			LoginWebPage::OnLoginSuccess($sAuthUser, 'external', $_SESSION['login_mode']);
 		}
 		return LoginWebPage::LOGIN_FSM_CONTINUE;
 	}

application/loginform.class.inc.php

@@ -71,6 +71,8 @@ class LoginForm extends AbstractLoginFSMExtension implements iLoginUIExtension
 				$iErrorCode = LoginWebPage::EXIT_CODE_WRONGCREDENTIALS;
 				return LoginWebPage::LOGIN_FSM_ERROR;
 			}
+			// Save the checked user
+			$_SESSION['auth_user'] = $sAuthUser;
 		}
 		return LoginWebPage::LOGIN_FSM_CONTINUE;
 	}
@@ -82,15 +84,7 @@ class LoginForm extends AbstractLoginFSMExtension implements iLoginUIExtension
 	{
 		if (Session::Get('login_mode') == 'form')
 		{
-			if (Session::IsSet('auth_user'))
-			{
-				// If FSM reenter this state (example 2FA) then the auth_user is not resubmitted
-				$sAuthUser = Session::Get('auth_user');
-			}
-			else
-			{
-				$sAuthUser = utils::ReadPostedParam('auth_user', '', 'raw_data');
-			}
+			$sAuthUser = $_SESSION['auth_user'];
 			// Store 'auth_user' in session for further use
 			LoginWebPage::OnLoginSuccess($sAuthUser, 'internal', Session::Get('login_mode'));
 		}

application/loginurl.class.inc.php

@@ -60,6 +60,8 @@ class LoginURL extends AbstractLoginFSMExtension
 				$iErrorCode = LoginWebPage::EXIT_CODE_WRONGCREDENTIALS;
 				return LoginWebPage::LOGIN_FSM_ERROR;
 			}
+			// Save the checked user
+			$_SESSION['auth_user'] = $sAuthUser;
 		}
 		return LoginWebPage::LOGIN_FSM_CONTINUE;
 	}
@@ -68,8 +70,8 @@ class LoginURL extends AbstractLoginFSMExtension
 	{
 		if (Session::Get('login_mode') == 'url')
 		{
-			$sAuthUser = utils::ReadParam('auth_user', '', false, 'raw_data');
-			LoginWebPage::OnLoginSuccess($sAuthUser, 'internal', Session::Get('login_mode'));
+			$sAuthUser = $_SESSION['auth_user'];
+			LoginWebPage::OnLoginSuccess($sAuthUser, 'internal', $_SESSION['login_mode']);
 		}
 		return LoginWebPage::LOGIN_FSM_CONTINUE;
 	}