Use OC_Util::displayLoginPage and cleanup the function

core/templates/login.php

@@ -2,16 +2,16 @@
 <form action="index.php" method="post">
 	<fieldset>
 		<?php if(!empty($_['redirect'])) { echo '<input type="hidden" name="redirect_url" value="'.$_['redirect'].'" />'; } ?>
-		<?php if($_['error']): ?>
+		<?php if($_['display_lostpassword']): ?>
 			<a href="./core/lostpassword/"><?php echo $l->t('Lost your password?'); ?></a>
 		<?php endif; ?>
 		<p class="infield">
 			<label for="user" class="infield"><?php echo $l->t( 'Username' ); ?></label>
-			<input type="text" name="user" id="user" value="<?php echo !empty($_POST['user'])?OC_Util::sanitizeHTML($_POST['user'],ENT_COMPAT,'utf-8').'"':'" autofocus'; ?> autocomplete="on" required />
+			<input type="text" name="user" id="user" value="<?php echo $_['username']; ?>"<?php echo $_['user_autofocus']?' autofocus':''; ?> autocomplete="on" required />
 		</p>
 		<p class="infield">
 			<label for="password" class="infield"><?php echo $l->t( 'Password' ); ?></label>
-			<input type="password" name="password" id="password" value="" required <?php echo !empty($_POST['user'])?'autofocus':''; ?> />
+			<input type="password" name="password" id="password" value="" required<?php echo $_['user_autofocus']?'':' autofocus'; ?> />
 			<input type="hidden" name="sectoken" id="sectoken" value="<?php echo($_['sectoken']); ?>"  />
 		</p>
 		<input type="checkbox" name="remember_login" value="1" id="remember_login" /><label for="remember_login"><?php echo $l->t('remember'); ?></label>

index.php

@@ -43,9 +43,6 @@ if (!OC::handleRequest()) {
 		$error = true;
 	}
 	if(!array_key_exists('sectoken', $_SESSION) || (array_key_exists('sectoken', $_SESSION) && is_null(OC::$REQUESTEDFILE)) || substr(OC::$REQUESTEDFILE, -3) == 'php'){
-		$sectoken=rand(1000000,9999999);
-		$_SESSION['sectoken']=$sectoken;
-		$redirect_url = (isset($_REQUEST['redirect_url'])) ? OC_Util::sanitizeHTML($_REQUEST['redirect_url']) : $_SERVER['REQUEST_URI'];
-		OC_Template::printGuestPage('', 'login', array('error' => $error, 'sectoken' => $sectoken, 'redirect' => $redirect_url));
+		OC_Util::displayLoginPage($error);
 	}
 }

lib/util.php

@@ -271,15 +271,26 @@ class OC_Util {
 		return $errors;
 	}
 
-	public static function displayLoginPage($parameters = array()){
-		if(isset($_COOKIE["username"])){
-			$parameters["username"] = $_COOKIE["username"];
+	public static function displayLoginPage($display_lostpassword) {
+		$parameters = array();
+		$parameters['display_lostpassword'] = $display_lostpassword;
+		if (!empty($_POST['user'])) {
+			$parameters["username"] =
+				OC_Util::sanitizeHTML($_POST['user']).'"';
+			$parameters['user_autofocus'] = false;
 		} else {
 			$parameters["username"] = '';
+			$parameters['user_autofocus'] = true;
 		}
 		$sectoken=rand(1000000,9999999);
 		$_SESSION['sectoken']=$sectoken;
 		$parameters["sectoken"] = $sectoken;
+		if (isset($_REQUEST['redirect_url'])) {
+			$redirect_url = OC_Util::sanitizeHTML($_REQUEST['redirect_url']);
+		} else {
+			$redirect_url = $_SERVER['REQUEST_URI'];
+		}
+		$parameters['redirect_url'] = $redirect_url;
 		OC_Template::printGuestPage("", "login", $parameters);
 	}