diff options
Diffstat (limited to 'phpBB/includes/auth/auth_apache.php')
| -rw-r--r-- | phpBB/includes/auth/auth_apache.php | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/phpBB/includes/auth/auth_apache.php b/phpBB/includes/auth/auth_apache.php index 4c8293c707..25631e9f87 100644 --- a/phpBB/includes/auth/auth_apache.php +++ b/phpBB/includes/auth/auth_apache.php @@ -36,6 +36,15 @@ function login_apache(&$username, &$password) { global $db; + // do not allow empty password + if (!$password) + { + return array( + 'status' => LOGIN_BREAK, + 'error_msg' => 'NO_PASSWORD_SUPPLIED', + ); + } + if (!isset($_SERVER['PHP_AUTH_USER'])) { return array( |