fixed error xss in login page

pandora_console/general/login_page.php

@@ -134,11 +134,6 @@ echo '<div class="login_page">';
 	switch ($login_screen) {
 		case 'logout':
 		case 'login':
-			if (!empty ($page) && !empty ($sec)) {
-				foreach ($_POST as $key => $value) {
-					html_print_input_hidden ($key, $value);
-				}
-			}
 			if ($config['auth'] == 'saml') {
 				echo '<div id="log_nick" class="login_nick" style="display: none;">';
 					echo '<div>';
@@ -190,11 +185,6 @@ echo '<div class="login_page">';
 			
 			break;
 		case 'double_auth':
-			if (!empty ($page) && !empty ($sec)) {
-				foreach ($_POST as $key => $value) {
-					html_print_input_hidden ($key, $value);
-				}
-			}
 			echo '<div class="login_nick">';
 			echo '<div>';
 				html_print_image ("/images/icono_autenticacion.png", false);

pandora_console/index.php

@@ -351,7 +351,7 @@ if (! isset ($config['id_user'])) {
 			
 			if (($nick_in_db != false) && ((!is_user_admin($nick)
 				|| $config['enable_pass_policy_admin']))
-				&& (defined('PANDORA_ENTERPRISE'))
+				&& (file_exists (ENTERPRISE_DIR . "/load_enterprise.php"))
 				&& ($config['enable_pass_policy'])) {
 				include_once(ENTERPRISE_DIR . "/include/auth/mysql.php");
 				
@@ -523,12 +523,12 @@ if (! isset ($config['id_user'])) {
 		else { //login wrong
 			$blocked = false;
 			
-			if ((!is_user_admin($nick) || $config['enable_pass_policy_admin']) && defined('PANDORA_ENTERPRISE')) {
+			if ((!is_user_admin($nick) || $config['enable_pass_policy_admin']) && file_exists (ENTERPRISE_DIR . "/load_enterprise.php")) {
 				$blocked = login_check_blocked($nick);
 			}
 			
 			if (!$blocked) {
-				if (defined('PANDORA_ENTERPRISE')) {
+				if (file_exists (ENTERPRISE_DIR . "/load_enterprise.php")) {
 					login_check_failed($nick); //Checks failed attempts
 				}
 				$login_failed = true;