diff options
| author | Andrew Dolgov <[email protected]> | 2006-03-16 11:57:22 +0100 |
|---|---|---|
| committer | Andrew Dolgov <[email protected]> | 2006-03-16 11:57:22 +0100 |
| commit | 7ae65adfc5dc8254bb2749af1f4e0ccc418406ec (patch) | |
| tree | 365f5993f4f9fa33878b14e6950f2b55ea2ba1c3 | |
| parent | 720200957d8735a5281d7aafe5b04326bdb4619f (diff) | |
prevent setting session cookie when user not logged in and tt-rss.php/prefs.php is requested
| -rw-r--r-- | functions.php | 11 | ||||
| -rw-r--r-- | prefs.php | 5 | ||||
| -rw-r--r-- | tt-rss.php | 5 |
3 files changed, 19 insertions, 2 deletions
diff --git a/functions.php b/functions.php index a7a17f9b5..18546ca18 100644 --- a/functions.php +++ b/functions.php @@ -839,6 +839,17 @@ return true; } + function basic_nosid_redirect_check() { + if (!SINGLE_USER_MODE) { + if (!$_COOKIE["ttrss_sid"]) { + $redirect_uri = get_login_redirect(); + $return_to = preg_replace('/.*?\//', '', $_SERVER["REQUEST_URI"]); + header("Location: $redirect_uri?rt=$return_to"); + exit; + } + } + } + function login_sequence($link) { if (!SINGLE_USER_MODE) { @@ -1,11 +1,14 @@ <? + require_once "functions.php"; + + basic_nosid_redirect_check(); + require_once "sessions.php"; require_once "sanity_check.php"; require_once "version.php"; require_once "config.php"; require_once "db-prefs.php"; - require_once "functions.php"; $link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME); diff --git a/tt-rss.php b/tt-rss.php index 9d125614d..e22d8408a 100644 --- a/tt-rss.php +++ b/tt-rss.php @@ -1,11 +1,14 @@ <? + require_once "functions.php"; + + basic_nosid_redirect_check(); + require_once "sessions.php"; require_once "sanity_check.php"; require_once "version.php"; require_once "config.php"; require_once "db-prefs.php"; - require_once "functions.php"; $link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME); |