diff options
author | bugreport%peshkin.net <> | 2002-11-27 22:46:05 +0000 |
---|---|---|
committer | bugreport%peshkin.net <> | 2002-11-27 22:46:05 +0000 |
commit | bc3da73c9bfb25bab7416b473bdbcbed38d7ef3f (patch) | |
tree | da194bbadf1bc3eb6eb08afda0bf96686b7c007f /CGI.pl | |
parent | f45012516248617908cf1a5269b042fcec2b4037 (diff) | |
download | bugs-bc3da73c9bfb25bab7416b473bdbcbed38d7ef3f.tar bugs-bc3da73c9bfb25bab7416b473bdbcbed38d7ef3f.tar.gz bugs-bc3da73c9bfb25bab7416b473bdbcbed38d7ef3f.tar.bz2 bugs-bc3da73c9bfb25bab7416b473bdbcbed38d7ef3f.tar.xz bugs-bc3da73c9bfb25bab7416b473bdbcbed38d7ef3f.zip |
Bug 173761 Need ability to always require login
patch by joel
r=gerv, a=justdave
Diffstat (limited to 'CGI.pl')
-rw-r--r-- | CGI.pl | 23 |
1 files changed, 19 insertions, 4 deletions
@@ -219,7 +219,14 @@ sub get_netaddr { return join(".", unpack("CCCC", pack("N", $addr))); } -sub quietly_check_login() { +my $login_cookie_set = 0; +# If quietly_check_login is called with no arguments and logins are +# required, it will prompt for a login. +sub quietly_check_login { + if (Param('requirelogin') && !(@_)) { + confirm_login(); + return; + } $::disabledreason = ''; my $userid = 0; my $ipaddr = $ENV{'REMOTE_ADDR'}; @@ -561,11 +568,19 @@ sub confirm_login { $::COOKIE{"Bugzilla_logincookie"} = $logincookie; my $cookiepath = Param("cookiepath"); - print "Set-Cookie: Bugzilla_login= " . url_quote($enteredlogin) . " ; path=$cookiepath; expires=Sun, 30-Jun-2029 00:00:00 GMT\n"; - print "Set-Cookie: Bugzilla_logincookie=$logincookie ; path=$cookiepath; expires=Sun, 30-Jun-2029 00:00:00 GMT\n"; + if ($login_cookie_set == 0) { + $login_cookie_set = 1; + print "Set-Cookie: Bugzilla_login= " . url_quote($enteredlogin) . " ; path=$cookiepath; expires=Sun, 30-Jun-2029 00:00:00 GMT\n"; + print "Set-Cookie: Bugzilla_logincookie=$logincookie ; path=$cookiepath; expires=Sun, 30-Jun-2029 00:00:00 GMT\n"; + } } - $userid = quietly_check_login(); + # If anonymous logins are disabled, quietly_check_login will force + # the user to log in by calling confirm_login() when called by any + # code that does not call it with an argument. When confirm_login + # calls quietly_check_login, it must not result in confirm_login + # being called back. + $userid = quietly_check_login('do_not_recurse_here'); if (!$userid) { if ($::disabledreason) { |