fix http basic authentication

This commit is contained in:
Andrew Dolgov 2005-11-20 11:14:38 +01:00
parent 2317ffaae7
commit 8cb7480484
5 changed files with 32 additions and 8 deletions

View File

@ -604,9 +604,9 @@
} }
function http_authenticate_user($link) { function http_authenticate_user($link, $force_logout) {
if (!$_SERVER['PHP_AUTH_USER']) { if (!$_SERVER['PHP_AUTH_USER'] || $force_logout) {
header('WWW-Authenticate: Basic realm="Tiny Tiny RSS"'); header('WWW-Authenticate: Basic realm="Tiny Tiny RSS"');
header('HTTP/1.0 401 Unauthorized'); header('HTTP/1.0 401 Unauthorized');

View File

@ -1,12 +1,17 @@
<? <?
session_start(); session_start();
require_once "config.php";
$_SESSION["uid"] = null; $_SESSION["uid"] = null;
$_SESSION["name"] = null; $_SESSION["name"] = null;
$_SESSION["access_level"] = null; $_SESSION["access_level"] = null;
session_destroy(); session_destroy();
if (!USE_HTTP_AUTH) {
header("Location: login.php"); header("Location: login.php");
} else {
header("Location: tt-rss.php");
}
?> ?>

View File

@ -12,11 +12,12 @@
if (!USE_HTTP_AUTH) { if (!USE_HTTP_AUTH) {
if (!$_SESSION["uid"]) { if (!$_SESSION["uid"]) {
header("Location: login.php?rt=prefs.php"); header("Location: login.php?rt=tt-rss.php");
exit; exit;
} }
} else { } else {
authenticate_user($link); $force_logout = $_POST["ForceLogout"];
http_authenticate_user($link, $force_logout == "yes");
} }
} else { } else {
$_SESSION["uid"] = 1; $_SESSION["uid"] = 1;

View File

@ -587,6 +587,12 @@ td.welcomePrompt {
} }
td.httpWelcomePrompt {
font-size : small;
color : gray;
text-align : right;
}
table.loginForm { table.loginForm {
background-image : url("images/vgrad_light_rev.png"); background-image : url("images/vgrad_light_rev.png");
background-color : white; background-color : white;

View File

@ -16,7 +16,8 @@
exit; exit;
} }
} else { } else {
authenticate_user($link); $force_logout = $_POST["ForceLogout"];
http_authenticate_user($link, $force_logout == "yes");
} }
} else { } else {
$_SESSION["uid"] = 1; $_SESSION["uid"] = 1;
@ -77,7 +78,18 @@
</tr><tr><td class="welcomePrompt"> </tr><tr><td class="welcomePrompt">
<? if (!SINGLE_USER_MODE) { ?> <? if (!SINGLE_USER_MODE) { ?>
Hello, <b><?= $_SESSION["name"] ?></b> (<a href="logout.php">Logout</a>)</td> <? if (USE_HTTP_AUTH) { ?>
<table align="right"><tr>
<td class="httpWelcomePrompt">Hello, <b><?= $_SESSION["name"] ?></b></td>
<td><form action="tt-rss.php" method="POST">
<input type="hidden" name="ForceLogout" value="yes">
<input type="submit" class="button" value="Logout">
</form>
</td></tr></table>
<? } else { ?>
Hello, <b><?= $_SESSION["name"] ?></b>(<a href="logout.php">Logout</a>)
<? } ?>
</td>
<? } ?> <? } ?>
</tr></table> </tr></table>
</td> </td>