save module user authenticated with, only allow password change if module is 'internal'

author: Andrew Dolgov <[email protected]> 2012-08-16 16:00:50 +0400
committer: Andrew Dolgov <[email protected]> 2012-08-16 16:00:50 +0400
commit: 200e0d4ebbd98da452c3eb120cb55b155764f614 (patch)
tree: f0a618dac101cf66d5fdcf25b996c33bc907d18a /classes
parent: 1e666f0aeba4abfb6a9e4b555640bcb4859de066 (diff)
2 files changed, 1 insertions, 2 deletions
diff --git a/classes/auth_remote.php b/classes/auth_remote.php
index 789976050..6892a3528 100644
--- a/classes/auth_remote.php
+++ b/classes/auth_remote.php
@@ -31,7 +31,6 @@ class Auth_Remote extends Auth_Base {
 				$_SESSION["fake_password"] = "******";
 				$_SESSION["hide_hello"] = true;
 				$_SESSION["hide_logout"] = true;
-				$_SESSION["hide_change_password"] = true;
 
 				// LemonLDAP can send user informations via HTTP HEADER
 				if (defined('AUTH_AUTO_CREATE') && AUTH_AUTO_CREATE){
diff --git a/classes/pref_prefs.php b/classes/pref_prefs.php
index 9d2095217..5339095ba 100644
--- a/classes/pref_prefs.php
+++ b/classes/pref_prefs.php
@@ -214,7 +214,7 @@ class Pref_Prefs extends Protected_Handler {
 
 		print "</form>";
 
-		if (!SINGLE_USER_MODE && !$_SESSION["hide_change_password"]) {
+		if (!SINGLE_USER_MODE && $_SESSION["auth_module"] == 'internal') {
 
 			$result = db_query($this->link, "SELECT id FROM ttrss_users
 				WHERE id = ".$_SESSION["uid"]." AND pwd_hash
author	Andrew Dolgov <[email protected]>	2012-08-16 16:00:50 +0400
committer	Andrew Dolgov <[email protected]>	2012-08-16 16:00:50 +0400
commit	200e0d4ebbd98da452c3eb120cb55b155764f614 (patch)
tree	f0a618dac101cf66d5fdcf25b996c33bc907d18a /classes
parent	1e666f0aeba4abfb6a9e4b555640bcb4859de066 (diff)