new option: ALLOW_REMOTE_USER_AUTH

This commit is contained in:
Andrew Dolgov 2007-12-05 10:07:33 +01:00
parent fc46ab83bb
commit 66917e70d0
3 changed files with 15 additions and 4 deletions

View file

@ -164,7 +164,13 @@
define('DAEMON_FEED_LIMIT', 100);
// Limits the amount of feeds daemon updates on one run
define('CONFIG_VERSION', 12);
define('ALLOW_REMOTE_USER_AUTH', false);
// Set to 'true' if you trust your web server's REMOTE_USER
// environment variable to validate that the user is logged in. This
// option can be used to integrate tt-rss with Apache's external
// authentication modules.
define('CONFIG_VERSION', 13);
// Expected config version. Please update this option in config.php
// if necessary (after migrating all new options from this file).

View file

@ -1560,10 +1560,15 @@
$pwd_hash1 = encrypt_password($password);
$pwd_hash2 = encrypt_password($password, $login);
if ($force_auth && defined('_DEBUG_USER_SWITCH')) {
if (defined('ALLOW_REMOTE_USER_AUTH') && ALLOW_REMOTE_USER_AUTH
&& $_SERVER["REMOTE_USER"]) {
$login = db_escape_string($_SERVER["REMOTE_USER"]);
$query = "SELECT id,login,access_level
FROM ttrss_users WHERE
login = '$login'";
login = '$login'";
} else {
$query = "SELECT id,login,access_level,pwd_hash
FROM ttrss_users WHERE

View file

@ -1,7 +1,7 @@
<?php
require_once "functions.php";
define('EXPECTED_CONFIG_VERSION', 12);
define('EXPECTED_CONFIG_VERSION', 13);
define('SCHEMA_VERSION', 27);
if (!file_exists("config.php")) {