Don't use real textinputs for login_as and logout_from workflow. Some browser(-variants) fill them

with stored username/passwords and ignore the "value" attribute on post.

Author: Rajko Albrecht

interface/web/login/login_as.php

@@ -90,10 +90,8 @@
 	<br /> <br />	<br /> <br />
 	'.$wb['login_1_txt'].' ' .  $dbData['username'] . '?<br />
 	'.$wb['login_2_txt'].'<br />
-	<div style="visibility:hidden">
-		<input type="text" name="username" value="' . $dbData['username'] . '" />
-		<input type="password" name="password" value="' . $dbData['passwort'] .'" />
-	</div>
+	<input type="hidden" name="username" value="' . $dbData['username'] . '" />
+	<input type="hidden" name="password" value="' . $dbData['passwort'] .'" />
 	<input type="hidden" name="s_mod" value="dashboard" />
 	<input type="hidden" name="s_pg" value="dashboard" />
 	<input type="hidden" name="login_as" value="1" />

interface/web/login/logout.php

@@ -48,10 +48,8 @@
 	echo '
 		<br /> <br />	<br /> <br />
 		'.str_replace('{UTYPE}', $utype, $wb['login_as_or_logout_txt']).'<br />
-		<div style="visibility:hidden">
-			<input type="text" name="username" value="' . $_SESSION['s_old']['user']['username'] . '" />
-			<input type="password" name="password" value="' . $_SESSION['s_old']['user']['passwort'] .'" />
-		</div>
+		<input type="hidden" name="username" value="' . $_SESSION['s_old']['user']['username'] . '" />
+		<input type="hidden" name="password" value="' . $_SESSION['s_old']['user']['passwort'] .'" />
 		<input type="hidden" name="s_mod" value="login" />
 		<input type="hidden" name="s_pg" value="index" />
 		<input type="hidden" name="login_as" value="1" />