whitespace changes. Make Privacy test an else so that PRIVACY checks don't happen if not logged in
This commit is contained in:
parent
4b30ea7877
commit
0823b28712
|
@ -205,7 +205,15 @@ isset($view) || $view = NULL;
|
||||||
isset($request) || $request = NULL;
|
isset($request) || $request = NULL;
|
||||||
isset($action) || $action = NULL;
|
isset($action) || $action = NULL;
|
||||||
|
|
||||||
if ( ZM_ENABLE_CSRF_MAGIC && $action != 'login' && $view != 'view_video' && $request != 'control' && $view != 'frames' && $view != 'archive' ) {
|
Logger::Debug("View: $view Request: $request Action: $action");
|
||||||
|
if (
|
||||||
|
ZM_ENABLE_CSRF_MAGIC &&
|
||||||
|
( $action != 'login' ) &&
|
||||||
|
( $view != 'view_video' ) &&
|
||||||
|
( $request != 'control' ) &&
|
||||||
|
( $view != 'frames' ) &&
|
||||||
|
( $view != 'archive' )
|
||||||
|
) {
|
||||||
require_once( 'includes/csrf/csrf-magic.php' );
|
require_once( 'includes/csrf/csrf-magic.php' );
|
||||||
#Logger::Debug("Calling csrf_check with the following values: \$request = \"$request\", \$view = \"$view\", \$action = \"$action\"");
|
#Logger::Debug("Calling csrf_check with the following values: \$request = \"$request\", \$view = \"$view\", \$action = \"$action\"");
|
||||||
csrf_check();
|
csrf_check();
|
||||||
|
@ -216,13 +224,11 @@ require_once( 'includes/actions.php' );
|
||||||
|
|
||||||
# If I put this here, it protects all views and popups, but it has to go after actions.php because actions.php does the actual logging in.
|
# If I put this here, it protects all views and popups, but it has to go after actions.php because actions.php does the actual logging in.
|
||||||
if ( ZM_OPT_USE_AUTH and !isset($user) ) {
|
if ( ZM_OPT_USE_AUTH and !isset($user) ) {
|
||||||
Logger::Debug("Redirecting to login" );
|
Logger::Debug('Redirecting to login');
|
||||||
$view = 'login';
|
$view = 'login';
|
||||||
$request = null;
|
$request = null;
|
||||||
}
|
} else if ( ZM_SHOW_PRIVACY && ($action != 'privacy') && ($view !='options') && (!$request) && canEdit('System') ) {
|
||||||
|
Logger::Debug('Redirecting to privacy');
|
||||||
if ( ZM_SHOW_PRIVACY && canEdit('System') ) {
|
|
||||||
Logger::Debug("Redirecting to privacy" );
|
|
||||||
$view = 'privacy';
|
$view = 'privacy';
|
||||||
$request = null;
|
$request = null;
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue