more http auth related fixes, unified login sequence function

This commit is contained in:
Andrew Dolgov 2005-11-20 12:19:20 +01:00
parent bffdddd0b0
commit b8aa49bc97
4 changed files with 37 additions and 37 deletions

View File

@ -608,9 +608,12 @@
if (!$_SERVER['PHP_AUTH_USER'] || $force_logout) { if (!$_SERVER['PHP_AUTH_USER'] || $force_logout) {
if ($force_logout) logout_user();
header('WWW-Authenticate: Basic realm="Tiny Tiny RSS"'); header('WWW-Authenticate: Basic realm="Tiny Tiny RSS"');
header('HTTP/1.0 401 Unauthorized'); header('HTTP/1.0 401 Unauthorized');
print "<h1>401 Unathorized</h1>"; print "<h1>401 Unathorized</h1>";
exit; exit;
} else { } else {
@ -659,4 +662,33 @@
} }
function logout_user() {
$_SESSION["uid"] = null;
$_SESSION["name"] = null;
$_SESSION["access_level"] = null;
session_destroy();
}
function login_sequence($link) {
if (!SINGLE_USER_MODE) {
if (!USE_HTTP_AUTH) {
if (!$_SESSION["uid"]) {
header("Location: login.php?rt=tt-rss.php");
exit;
}
} else {
$force_logout = $_POST["ForceLogout"];
if (!http_authenticate_user($link, $force_logout == "yes")) {
if (!http_authenticate_user($link, true)) {
exit;
}
}
}
} else {
$_SESSION["uid"] = 1;
$_SESSION["name"] = "admin";
}
}
?> ?>

View File

@ -2,12 +2,9 @@
session_start(); session_start();
require_once "config.php"; require_once "config.php";
require_once "functions.php";
$_SESSION["uid"] = null; logout_user();
$_SESSION["name"] = null;
$_SESSION["access_level"] = null;
session_destroy();
if (!USE_HTTP_AUTH) { if (!USE_HTTP_AUTH) {
header("Location: login.php"); header("Location: login.php");

View File

@ -8,22 +8,7 @@
$link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME); $link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME);
if (!SINGLE_USER_MODE) { login_sequence($link);
if (!USE_HTTP_AUTH) {
if (!$_SESSION["uid"]) {
header("Location: login.php?rt=tt-rss.php");
exit;
}
} else {
$force_logout = $_POST["ForceLogout"];
http_authenticate_user($link, $force_logout == "yes");
}
} else {
$_SESSION["uid"] = 1;
$_SESSION["name"] = "admin";
}
?> ?>
<html> <html>
<head> <head>

View File

@ -8,21 +8,7 @@
$link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME); $link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME);
if (!SINGLE_USER_MODE) { login_sequence($link);
if (!USE_HTTP_AUTH) {
if (!$_SESSION["uid"]) {
header("Location: login.php?rt=tt-rss.php");
exit;
}
} else {
$force_logout = $_POST["ForceLogout"];
http_authenticate_user($link, $force_logout == "yes");
}
} else {
$_SESSION["uid"] = 1;
$_SESSION["name"] = "admin";
}
?> ?>
<html> <html>