diff options
| author | Michael Hamann <michael@content-space.de> | 2011-10-15 15:06:35 +0200 |
|---|---|---|
| committer | Michael Hamann <michael@content-space.de> | 2011-10-15 15:06:35 +0200 |
| commit | 794fc9db8fe6b243f202c740cea5a677b683341b (patch) | |
| tree | 2e39adb634f430b48855615c7932e71740686108 /lib/exe | |
| parent | b760af946cf29d1bee05a5cb33cfc6e357df441f (diff) | |
| download | rpg-794fc9db8fe6b243f202c740cea5a677b683341b.tar.gz rpg-794fc9db8fe6b243f202c740cea5a677b683341b.tar.bz2 | |
Only send 401 if user is not logged in in XML-RPC FS#2133
If the user is already logged in, a 403 is sent instead now.
Diffstat (limited to 'lib/exe')
| -rw-r--r-- | lib/exe/xmlrpc.php | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/lib/exe/xmlrpc.php b/lib/exe/xmlrpc.php index 93d7c70ba..6553d043f 100644 --- a/lib/exe/xmlrpc.php +++ b/lib/exe/xmlrpc.php @@ -53,7 +53,11 @@ class dokuwiki_xmlrpc_server extends IXR_IntrospectionServer { */ function call($methodname, $args){ if(!in_array($methodname,$this->public_methods) && !$this->checkAuth()){ - header('HTTP/1.1 401 Unauthorized'); + if (!isset($_SERVER['REMOTE_USER'])) { + header('HTTP/1.1 401 Unauthorized'); + } else { + header('HTTP/1.1 403 Forbidden'); + } return new IXR_Error(-32603, 'server error. not authorized to call method "'.$methodname.'".'); } return parent::call($methodname, $args); |