diff options
| author | Meik Sievertsen <acydburn@phpbb.com> | 2009-01-27 09:23:54 +0000 |
|---|---|---|
| committer | Meik Sievertsen <acydburn@phpbb.com> | 2009-01-27 09:23:54 +0000 |
| commit | 26b69ccafe7df8c9e12d929f4f8a0635975b0cdb (patch) | |
| tree | 1a34a91ab0f9af2b08602b6740fe8456cf38316e /phpBB/includes | |
| parent | 49f0ab0ccd1475be2ccd0661714628f40a370efd (diff) | |
| download | forums-26b69ccafe7df8c9e12d929f4f8a0635975b0cdb.tar forums-26b69ccafe7df8c9e12d929f4f8a0635975b0cdb.tar.gz forums-26b69ccafe7df8c9e12d929f4f8a0635975b0cdb.tar.bz2 forums-26b69ccafe7df8c9e12d929f4f8a0635975b0cdb.tar.xz forums-26b69ccafe7df8c9e12d929f4f8a0635975b0cdb.zip | |
Fix guest/bot session problems with apache authentication plugin (Bug #41085)
git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@9306 89ea8834-ac86-4346-8a33-228a782c2dd0
Diffstat (limited to 'phpBB/includes')
| -rw-r--r-- | phpBB/includes/auth/auth_apache.php | 14 |
1 files changed, 13 insertions, 1 deletions
diff --git a/phpBB/includes/auth/auth_apache.php b/phpBB/includes/auth/auth_apache.php index 80ac81ed46..f6d5f418d0 100644 --- a/phpBB/includes/auth/auth_apache.php +++ b/phpBB/includes/auth/auth_apache.php @@ -104,7 +104,7 @@ function login_apache(&$username, &$password) 'user_row' => $row, ); } - + // Successful login... return array( 'status' => LOGIN_SUCCESS, @@ -227,6 +227,18 @@ function user_row_apache($username, $password) */ function validate_session_apache(&$user) { + // We only need to check authenticated users. For anonymous user as well as bots the session of course did not expire. + if ($user['user_id'] == ANONYMOUS) + { + return true; + } + + // Checking for a bot is a bit mroe complicated... but we are able to check this with the user type (anonymous has the same as bots) + if ($user['user_type'] == USER_IGNORE) + { + return true; + } + if (!isset($_SERVER['PHP_AUTH_USER'])) { return false; |