fix http basic authentication
This commit is contained in:
parent
2317ffaae7
commit
8cb7480484
5 changed files with 32 additions and 8 deletions
|
@ -604,9 +604,9 @@
|
|||
|
||||
}
|
||||
|
||||
function http_authenticate_user($link) {
|
||||
function http_authenticate_user($link, $force_logout) {
|
||||
|
||||
if (!$_SERVER['PHP_AUTH_USER']) {
|
||||
if (!$_SERVER['PHP_AUTH_USER'] || $force_logout) {
|
||||
|
||||
header('WWW-Authenticate: Basic realm="Tiny Tiny RSS"');
|
||||
header('HTTP/1.0 401 Unauthorized');
|
||||
|
|
|
@ -1,12 +1,17 @@
|
|||
<?
|
||||
session_start();
|
||||
|
||||
require_once "config.php";
|
||||
|
||||
$_SESSION["uid"] = null;
|
||||
$_SESSION["name"] = null;
|
||||
$_SESSION["access_level"] = null;
|
||||
|
||||
session_destroy();
|
||||
|
||||
if (!USE_HTTP_AUTH) {
|
||||
header("Location: login.php");
|
||||
|
||||
} else {
|
||||
header("Location: tt-rss.php");
|
||||
}
|
||||
?>
|
||||
|
|
|
@ -12,11 +12,12 @@
|
|||
|
||||
if (!USE_HTTP_AUTH) {
|
||||
if (!$_SESSION["uid"]) {
|
||||
header("Location: login.php?rt=prefs.php");
|
||||
header("Location: login.php?rt=tt-rss.php");
|
||||
exit;
|
||||
}
|
||||
} else {
|
||||
authenticate_user($link);
|
||||
$force_logout = $_POST["ForceLogout"];
|
||||
http_authenticate_user($link, $force_logout == "yes");
|
||||
}
|
||||
} else {
|
||||
$_SESSION["uid"] = 1;
|
||||
|
|
|
@ -587,6 +587,12 @@ td.welcomePrompt {
|
|||
|
||||
}
|
||||
|
||||
td.httpWelcomePrompt {
|
||||
font-size : small;
|
||||
color : gray;
|
||||
text-align : right;
|
||||
}
|
||||
|
||||
table.loginForm {
|
||||
background-image : url("images/vgrad_light_rev.png");
|
||||
background-color : white;
|
||||
|
|
16
tt-rss.php
16
tt-rss.php
|
@ -16,7 +16,8 @@
|
|||
exit;
|
||||
}
|
||||
} else {
|
||||
authenticate_user($link);
|
||||
$force_logout = $_POST["ForceLogout"];
|
||||
http_authenticate_user($link, $force_logout == "yes");
|
||||
}
|
||||
} else {
|
||||
$_SESSION["uid"] = 1;
|
||||
|
@ -77,7 +78,18 @@
|
|||
|
||||
</tr><tr><td class="welcomePrompt">
|
||||
<? if (!SINGLE_USER_MODE) { ?>
|
||||
Hello, <b><?= $_SESSION["name"] ?></b> (<a href="logout.php">Logout</a>)</td>
|
||||
<? if (USE_HTTP_AUTH) { ?>
|
||||
<table align="right"><tr>
|
||||
<td class="httpWelcomePrompt">Hello, <b><?= $_SESSION["name"] ?></b></td>
|
||||
<td><form action="tt-rss.php" method="POST">
|
||||
<input type="hidden" name="ForceLogout" value="yes">
|
||||
<input type="submit" class="button" value="Logout">
|
||||
</form>
|
||||
</td></tr></table>
|
||||
<? } else { ?>
|
||||
Hello, <b><?= $_SESSION["name"] ?></b>(<a href="logout.php">Logout</a>)
|
||||
<? } ?>
|
||||
</td>
|
||||
<? } ?>
|
||||
</tr></table>
|
||||
</td>
|
||||
|
|
Loading…
Reference in a new issue