fix http basic authentication

This commit is contained in:
Andrew Dolgov 2005-11-20 11:14:38 +01:00
parent 2317ffaae7
commit 8cb7480484
5 changed files with 32 additions and 8 deletions

View File

@ -604,9 +604,9 @@
}
function http_authenticate_user($link) {
function http_authenticate_user($link, $force_logout) {
if (!$_SERVER['PHP_AUTH_USER']) {
if (!$_SERVER['PHP_AUTH_USER'] || $force_logout) {
header('WWW-Authenticate: Basic realm="Tiny Tiny RSS"');
header('HTTP/1.0 401 Unauthorized');

View File

@ -1,12 +1,17 @@
<?
session_start();
require_once "config.php";
$_SESSION["uid"] = null;
$_SESSION["name"] = null;
$_SESSION["access_level"] = null;
session_destroy();
header("Location: login.php");
if (!USE_HTTP_AUTH) {
header("Location: login.php");
} else {
header("Location: tt-rss.php");
}
?>

View File

@ -12,11 +12,12 @@
if (!USE_HTTP_AUTH) {
if (!$_SESSION["uid"]) {
header("Location: login.php?rt=prefs.php");
header("Location: login.php?rt=tt-rss.php");
exit;
}
} else {
authenticate_user($link);
$force_logout = $_POST["ForceLogout"];
http_authenticate_user($link, $force_logout == "yes");
}
} else {
$_SESSION["uid"] = 1;

View File

@ -587,6 +587,12 @@ td.welcomePrompt {
}
td.httpWelcomePrompt {
font-size : small;
color : gray;
text-align : right;
}
table.loginForm {
background-image : url("images/vgrad_light_rev.png");
background-color : white;

View File

@ -16,7 +16,8 @@
exit;
}
} else {
authenticate_user($link);
$force_logout = $_POST["ForceLogout"];
http_authenticate_user($link, $force_logout == "yes");
}
} else {
$_SESSION["uid"] = 1;
@ -77,7 +78,18 @@
</tr><tr><td class="welcomePrompt">
<? if (!SINGLE_USER_MODE) { ?>
Hello, <b><?= $_SESSION["name"] ?></b> (<a href="logout.php">Logout</a>)</td>
<? if (USE_HTTP_AUTH) { ?>
<table align="right"><tr>
<td class="httpWelcomePrompt">Hello, <b><?= $_SESSION["name"] ?></b></td>
<td><form action="tt-rss.php" method="POST">
<input type="hidden" name="ForceLogout" value="yes">
<input type="submit" class="button" value="Logout">
</form>
</td></tr></table>
<? } else { ?>
Hello, <b><?= $_SESSION["name"] ?></b>(<a href="logout.php">Logout</a>)
<? } ?>
</td>
<? } ?>
</tr></table>
</td>