From 66917e70d0e654cea6a9632cb7ed886f00704f45 Mon Sep 17 00:00:00 2001
From: Andrew Dolgov <fox@madoka.spb.ru>
Date: Wed, 5 Dec 2007 10:07:33 +0100
Subject: new option: ALLOW_REMOTE_USER_AUTH

---
 functions.php | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

(limited to 'functions.php')

diff --git a/functions.php b/functions.php
index 3644bc25d..2df75f10a 100644
--- a/functions.php
+++ b/functions.php
@@ -1560,10 +1560,15 @@
 			$pwd_hash1 = encrypt_password($password);
 			$pwd_hash2 = encrypt_password($password, $login);
 
-			if ($force_auth && defined('_DEBUG_USER_SWITCH')) {
+			if (defined('ALLOW_REMOTE_USER_AUTH') && ALLOW_REMOTE_USER_AUTH 
+					&& $_SERVER["REMOTE_USER"]) {
+
+				$login = db_escape_string($_SERVER["REMOTE_USER"]);
+
 				$query = "SELECT id,login,access_level
 	            FROM ttrss_users WHERE
-		         login = '$login'";
+					login = '$login'";
+
 			} else {
 				$query = "SELECT id,login,access_level,pwd_hash
 	            FROM ttrss_users WHERE
-- 
cgit v1.2.3