From 66917e70d0e654cea6a9632cb7ed886f00704f45 Mon Sep 17 00:00:00 2001 From: Andrew Dolgov Date: Wed, 5 Dec 2007 10:07:33 +0100 Subject: new option: ALLOW_REMOTE_USER_AUTH --- config.php-dist | 8 +++++++- functions.php | 9 +++++++-- sanity_check.php | 2 +- 3 files changed, 15 insertions(+), 4 deletions(-) diff --git a/config.php-dist b/config.php-dist index 8001513d0..5edb79aa3 100644 --- a/config.php-dist +++ b/config.php-dist @@ -164,7 +164,13 @@ define('DAEMON_FEED_LIMIT', 100); // Limits the amount of feeds daemon updates on one run - define('CONFIG_VERSION', 12); + define('ALLOW_REMOTE_USER_AUTH', false); + // Set to 'true' if you trust your web server's REMOTE_USER + // environment variable to validate that the user is logged in. This + // option can be used to integrate tt-rss with Apache's external + // authentication modules. + + define('CONFIG_VERSION', 13); // Expected config version. Please update this option in config.php // if necessary (after migrating all new options from this file). diff --git a/functions.php b/functions.php index 3644bc25d..2df75f10a 100644 --- a/functions.php +++ b/functions.php @@ -1560,10 +1560,15 @@ $pwd_hash1 = encrypt_password($password); $pwd_hash2 = encrypt_password($password, $login); - if ($force_auth && defined('_DEBUG_USER_SWITCH')) { + if (defined('ALLOW_REMOTE_USER_AUTH') && ALLOW_REMOTE_USER_AUTH + && $_SERVER["REMOTE_USER"]) { + + $login = db_escape_string($_SERVER["REMOTE_USER"]); + $query = "SELECT id,login,access_level FROM ttrss_users WHERE - login = '$login'"; + login = '$login'"; + } else { $query = "SELECT id,login,access_level,pwd_hash FROM ttrss_users WHERE diff --git a/sanity_check.php b/sanity_check.php index 5c90eae74..1f0706dc0 100644 --- a/sanity_check.php +++ b/sanity_check.php @@ -1,7 +1,7 @@