[opw-web] Fix some warnings in unusual login paths

[Owen Taylor <otaylor src gnome org>]

commit b82feadd46551a04afedfa09b4d9c8edd7acf0ef
Author: Owen W. Taylor <otaylor fishsoup net>
Date:   Mon Mar 10 20:26:22 2014 -0400

    Fix some warnings in unusual login paths
    
    We were sometimes calling finish_login() but not passing/checking
    $user_created. Fix by doing the redirect right in finish_login.

 classes/class_user.php |   10 +++++++++-
 modules/mod_login.php  |   11 ++---------
 2 files changed, 11 insertions(+), 10 deletions(-)
---
diff --git a/classes/class_user.php b/classes/class_user.php
index 8e4056d..facf2f2 100644
--- a/classes/class_user.php
+++ b/classes/class_user.php
@@ -415,8 +415,10 @@ class user
         return $username;
     }
 
-    function finish_login($provider, &$user_created)
+    function finish_login($provider)
     {
+        global $core;
+
         $hybridauth = $this->hybridauth();
 
         if ($provider == "OpenID" && $hybridauth->isConnectedWith("OpenID")) {
@@ -445,6 +447,12 @@ class user
         $info = $this->lookup_user($username);
         $this->create_session($username, $info['is_admin']);
 
+        if ($user_created) {
+            // The first time a user logs in, take them to their profile
+            $username_url = urlencode($this->username);
+            $core->redirect("?q=user_profile&u={$username_url}");
+        }
+
         return true;
     }
 
diff --git a/modules/mod_login.php b/modules/mod_login.php
index 79b0a86..0d9c361 100644
--- a/modules/mod_login.php
+++ b/modules/mod_login.php
@@ -20,15 +20,8 @@ if ($user->is_logged_in)
 }
 
 // If we're on the end of successful authentication request
-if ($provider != '' && $user->finish_login($provider, $user_created)) {
-    if ($user_created) {
-        // The first time a user logs in, take them to their profile
-        $username_url = urlencode($user->username);
-        $core->redirect("?q=user_profile&u={$username_url}");
-    } else {
-        $core->redirect($dest_url);
-    }
-}
+if ($provider != '' && $user->finish_login($provider))
+    $core->redirect($dest_url);
 
 // Login data was submitted
 $login_openid = isset($_POST['login_openid']);