From 4d626dfb4ef43ae8493284a5d43fe1394a311d45 Mon Sep 17 00:00:00 2001 From: Pliable Pixels Date: Mon, 8 Oct 2018 17:28:03 -0400 Subject: [PATCH] allow username&password even if AUTH_HASH is enabled (#2231) --- web/index.php | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/web/index.php b/web/index.php index 2569f2bb7..addddce06 100644 --- a/web/index.php +++ b/web/index.php @@ -183,14 +183,13 @@ foreach ( getSkinIncludes('skin.php') as $includeFile ) require_once $includeFile; if ( ZM_OPT_USE_AUTH ) { - if ( ZM_AUTH_HASH_LOGINS ) { - if ( empty($user) && ! empty($_REQUEST['auth']) ) { + if ( ZM_AUTH_HASH_LOGINS && empty($user) && ! empty($_REQUEST['auth']) ) { if ( $authUser = getAuthUser($_REQUEST['auth']) ) { userLogin($authUser['Username'], $authUser['Password'], true); } } - } else if ( isset($_REQUEST['username']) and isset($_REQUEST['password']) ) { - userLogin($_REQUEST['username'], $_REQUEST['password'], false); + else if ( isset($_REQUEST['username']) and isset($_REQUEST['password']) ) { + userLogin($_REQUEST['username'], $_REQUEST['password'], false); } if ( !empty($user) ) { // generate it once here, while session is open. Value will be cached in session and return when called later on