diff options
| author | Andrew Dolgov <[email protected]> | 2005-11-20 12:19:20 +0100 |
|---|---|---|
| committer | Andrew Dolgov <[email protected]> | 2005-11-20 12:19:20 +0100 |
| commit | b8aa49bc97bf0de775caf4689e3db3a226a7378a (patch) | |
| tree | 78c61a22e0ca9b2f18d127f83953e139c7fb6dc8 | |
| parent | bffdddd0b0c9d45c6d7b4c03015db554a691ed2c (diff) | |
more http auth related fixes, unified login sequence function
| -rw-r--r-- | functions.php | 34 | ||||
| -rw-r--r-- | logout.php | 7 | ||||
| -rw-r--r-- | prefs.php | 17 | ||||
| -rw-r--r-- | tt-rss.php | 16 |
4 files changed, 37 insertions, 37 deletions
diff --git a/functions.php b/functions.php index e6b5b8e6e..32540bf56 100644 --- a/functions.php +++ b/functions.php @@ -608,9 +608,12 @@ if (!$_SERVER['PHP_AUTH_USER'] || $force_logout) { + if ($force_logout) logout_user(); + header('WWW-Authenticate: Basic realm="Tiny Tiny RSS"'); header('HTTP/1.0 401 Unauthorized'); print "<h1>401 Unathorized</h1>"; + exit; } else { @@ -619,7 +622,7 @@ $password = db_escape_string($_SERVER['PHP_AUTH_PW']); return authenticate_user($link, $login, $password); - } + } } function make_password($length = 8) { @@ -659,4 +662,33 @@ } + function logout_user() { + $_SESSION["uid"] = null; + $_SESSION["name"] = null; + $_SESSION["access_level"] = null; + session_destroy(); + } + + function login_sequence($link) { + if (!SINGLE_USER_MODE) { + + if (!USE_HTTP_AUTH) { + if (!$_SESSION["uid"]) { + header("Location: login.php?rt=tt-rss.php"); + exit; + } + } else { + $force_logout = $_POST["ForceLogout"]; + + if (!http_authenticate_user($link, $force_logout == "yes")) { + if (!http_authenticate_user($link, true)) { + exit; + } + } + } + } else { + $_SESSION["uid"] = 1; + $_SESSION["name"] = "admin"; + } + } ?> diff --git a/logout.php b/logout.php index cfc9fd034..7757689dc 100644 --- a/logout.php +++ b/logout.php @@ -2,12 +2,9 @@ session_start(); require_once "config.php"; + require_once "functions.php"; - $_SESSION["uid"] = null; - $_SESSION["name"] = null; - $_SESSION["access_level"] = null; - - session_destroy(); + logout_user(); if (!USE_HTTP_AUTH) { header("Location: login.php"); @@ -8,22 +8,7 @@ $link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME); - if (!SINGLE_USER_MODE) { - - if (!USE_HTTP_AUTH) { - if (!$_SESSION["uid"]) { - header("Location: login.php?rt=tt-rss.php"); - exit; - } - } else { - $force_logout = $_POST["ForceLogout"]; - http_authenticate_user($link, $force_logout == "yes"); - } - } else { - $_SESSION["uid"] = 1; - $_SESSION["name"] = "admin"; - } - + login_sequence($link); ?> <html> <head> diff --git a/tt-rss.php b/tt-rss.php index e88dd19d0..8a43f4d4b 100644 --- a/tt-rss.php +++ b/tt-rss.php @@ -8,21 +8,7 @@ $link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME); - if (!SINGLE_USER_MODE) { - - if (!USE_HTTP_AUTH) { - if (!$_SESSION["uid"]) { - header("Location: login.php?rt=tt-rss.php"); - exit; - } - } else { - $force_logout = $_POST["ForceLogout"]; - http_authenticate_user($link, $force_logout == "yes"); - } - } else { - $_SESSION["uid"] = 1; - $_SESSION["name"] = "admin"; - } + login_sequence($link); ?> <html> |