diff options
Diffstat (limited to 'phpBB/includes/auth/auth_apache.php')
| -rw-r--r-- | phpBB/includes/auth/auth_apache.php | 14 |
1 files changed, 10 insertions, 4 deletions
diff --git a/phpBB/includes/auth/auth_apache.php b/phpBB/includes/auth/auth_apache.php index 5c34d7f768..2b9c068672 100644 --- a/phpBB/includes/auth/auth_apache.php +++ b/phpBB/includes/auth/auth_apache.php @@ -232,13 +232,19 @@ function validate_session_apache(&$user) if (!isset($_SERVER['PHP_AUTH_USER'])) { - return false; + $php_auth_user = ''; + set_var($php_auth_user, $_SERVER['PHP_AUTH_USER'], 'string', true); + + return ($php_auth_user === $user['username']) ? true : false; } - $php_auth_user = ''; - set_var($php_auth_user, $_SERVER['PHP_AUTH_USER'], 'string', true); + // PHP_AUTH_USER is not set. A valid session is now determined by the user type (anonymous/bot or not) + if ($user['user_type'] == USER_IGNORE) + { + return true; + } - return ($php_auth_user === $user['username']) ? true : false; + return false; } ?>
\ No newline at end of file |