authorAndreas Gohr <andi@splitbrain.org>2007-06-25 22:52:28 +0200
committerAndreas Gohr <andi@splitbrain.org>2007-06-25 22:52:28 +0200
commit0f4f4adfcb496009aa1913a09e2300a455f7b866 (patch)
tree25a88993022ffc88962c1fe7bf560db5d97c0616 /inc/auth.php
parent943dedc690b7b8e32e00f7ae3d64e51cfe9a44b2 (diff)
degrade to unauthed user when auth backen unavailable FS#1168
Instead of disabling the whole ACL feature when the auth backend is unavailable just degrade the user to an anonymous user. darcs-hash:20070625205228-7ad00-19cfa3c302b4ee63f0a6562823c5d550f9c9755c.gz
Diffstat (limited to 'inc/auth.php')
-rw-r--r--inc/auth.php9
1 files changed, 4 insertions, 5 deletions
diff --git a/inc/auth.php b/inc/auth.php
index 2511516c2..c30aabe82 100644
--- a/inc/auth.php
+++ b/inc/auth.php
@@ -39,11 +39,10 @@
if (class_exists($auth_class)) {
$auth = new $auth_class();
if ($auth->success == false) {
+ // degrade to unauthenticated user
unset($auth);
+ auth_logoff();
msg($lang['authtempfail'], -1);
-
- // turn acl config setting off for the rest of this page
- $conf['useacl'] = 0;
}
} else {
nice_die($lang['authmodfailed']);
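Review bot: `unset($auth)` leaves the variable undefined rather than null, so the new guard in the second hunk, `if($conf['useacl'] && $auth)`, reads an undefined variable on exactly the degraded path and raises a notice. Write `$auth = null;` here instead, or test `!empty($auth)` in the guard, so that the "no backend" state is an explicit value every later check can rely on. `auth_login()` in the third hunk calls `$auth->checkPass()` with no such check; if it can be reached from outside the guarded block (not visible here) it would fail with a fatal error rather than a denied login. A comment at the guard such as `// no backend: skip login, user stays anonymous and ACLs still apply` would record that the degraded path is meant to fail closed. The surrounding block starts and ends outside this hunk.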
@@ -54,7 +53,7 @@
}
// do the login either by cookie or provided credentials
- if($conf['useacl']){
+ if($conf['useacl'] && $auth){
if (!isset($_REQUEST['u'])) $_REQUEST['u'] = '';
if (!isset($_REQUEST['p'])) $_REQUEST['p'] = '';
if (!isset($_REQUEST['r'])) $_REQUEST['r'] = '';
@@ -125,7 +124,7 @@ function auth_login($user,$pass,$sticky=false,$silent=false){
if ($auth->checkPass($user,$pass)){
// make logininfo globally available
$_SERVER['REMOTE_USER'] = $user;
- $USERINFO = $auth->getUserData($user); //FIXME move all references to session
+ $USERINFO = $auth->getUserData($user);
// set cookie
$pass = PMA_blowfish_encrypt($pass,auth_cookiesalt());