summaryrefslogtreecommitdiff
path: root/functions.php
diff options
context:
space:
mode:
Diffstat (limited to 'functions.php')
-rw-r--r--functions.php25
1 files changed, 21 insertions, 4 deletions
diff --git a/functions.php b/functions.php
index e408376b5..02228c886 100644
--- a/functions.php
+++ b/functions.php
@@ -1011,14 +1011,23 @@
return true;
}
- function authenticate_user($link, $login, $password) {
+ function authenticate_user($link, $login, $password, $force_auth = false) {
if (!SINGLE_USER_MODE) {
$pwd_hash = 'SHA1:' . sha1($password);
-
- $result = db_query($link, "SELECT id,login,access_level FROM ttrss_users WHERE
- login = '$login' AND pwd_hash = '$pwd_hash'");
+
+ if ($force_auth && defined('_DEBUG_USER_SWITCH')) {
+ $query = "SELECT id,login,access_level
+ FROM ttrss_users WHERE
+ login = '$login'";
+ } else {
+ $query = "SELECT id,login,access_level
+ FROM ttrss_users WHERE
+ login = '$login' AND pwd_hash = '$pwd_hash'";
+ }
+
+ $result = db_query($link, $query);
if (db_num_rows($result) == 1) {
$_SESSION["uid"] = db_fetch_result($result, 0, "id");
@@ -1145,6 +1154,14 @@
function login_sequence($link) {
if (!SINGLE_USER_MODE) {
+ if (defined('_DEBUG_USER_SWITCH') && $_SESSION["uid"]) {
+ $swu = db_escape_string($_REQUEST["swu"]);
+ if ($swu) {
+ $_SESSION["prefs_cache"] = false;
+ return authenticate_user($link, $swu, null, true);
+ }
+ }
+
if (!validate_session($link)) {
logout_user();
$redirect_uri = get_login_redirect();
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-16 03:59:33 +0000