diff options
| author | Adrian Lang <lang@cosmocode.de> | 2009-11-04 11:01:15 +0100 |
|---|---|---|
| committer | Adrian Lang <lang@cosmocode.de> | 2009-11-04 11:01:15 +0100 |
| commit | c66972f2cb89e65a8bbf8e39d42e8e479f7eb8dc (patch) | |
| tree | 3d20030c333e987b42ff101ec339f2120f9f5883 /inc/auth.php | |
| parent | 1378fb56f6873b93fe002e8aed001e92857b5b5c (diff) | |
| download | rpg-c66972f2cb89e65a8bbf8e39d42e8e479f7eb8dc.tar.gz rpg-c66972f2cb89e65a8bbf8e39d42e8e479f7eb8dc.tar.bz2 | |
Emit less E_NOTICEs and E_STRICTs
Changes of behaviour are:
* Allow the user name, title & description \e2\80\9c0\e2\80\9d
* Default to Port 443 if using HTTPS
* Set $INFO['isadmin'] and $INFO['ismanager'] to \e2\80\9cfalse\e2\80\9d even if no user is
logged in
* Do not pass empty fragment field in the event data for event
ACTION_SHOW_REDIRECT
* Handle chunked encoding in HTTPClient
darcs-hash:20091104100115-e4919-5cf6397d4a457e3f98a8ca49fbdab03f2147721d.gz
Diffstat (limited to 'inc/auth.php')
| -rw-r--r-- | inc/auth.php | 15 |
1 files changed, 12 insertions, 3 deletions
diff --git a/inc/auth.php b/inc/auth.php index 0c0edef5f..7dd7eb557 100644 --- a/inc/auth.php +++ b/inc/auth.php @@ -74,7 +74,7 @@ if($conf['useacl']){ $_REQUEST['http_credentials'] = true; } - if($_REQUEST['authtok']){ + if(isset($_REQUEST['authtok'])){ // when an authentication token is given, trust the session auth_validateToken($_REQUEST['authtok']); }elseif(!is_null($auth) && $auth->canDo('external')){ @@ -336,7 +336,13 @@ function auth_ismanager($user=null,$groups=null,$adminonly=false){ global $USERINFO; if(!$conf['useacl']) return false; - if(is_null($user)) $user = $_SERVER['REMOTE_USER']; + if(is_null($user)) { + if (!isset($_SERVER['REMOTE_USER'])) { + return false; + } else { + $user = $_SERVER['REMOTE_USER']; + } + } if(is_null($groups)) $groups = (array) $USERINFO['grps']; $user = auth_nameencode($user); @@ -1019,7 +1025,7 @@ function auth_setCookie($user,$pass,$sticky) { // set cookie $cookie = base64_encode($user).'|'.((int) $sticky).'|'.base64_encode($pass); - if($sticky) $time = time()+60*60*24*365; //one year + $time = $sticky ? (time()+60*60*24*365) : 0; //one year if (version_compare(PHP_VERSION, '5.2.0', '>')) { setcookie(DOKU_COOKIE,$cookie,$time,DOKU_REL,'',($conf['securecookie'] && is_ssl()),true); }else{ @@ -1039,6 +1045,9 @@ function auth_setCookie($user,$pass,$sticky) { * @returns array */ function auth_getCookie(){ + if (!isset($_COOKIE[DOKU_COOKIE])) { + return array(null, null, null); + } list($user,$sticky,$pass) = explode('|',$_COOKIE[DOKU_COOKIE],3); $sticky = (bool) $sticky; $pass = base64_decode($pass); |