restore username&password login for all urls
parent
87e7ba0e50
commit
b1132087b8
|
@ -50,6 +50,7 @@ if ( ('login' == $action) && isset($_REQUEST['username']) && ( ZM_AUTH_TYPE == '
|
|||
if ( isset($responseData['error-codes']) && is_array($responseData['error-codes']) ) {
|
||||
if ( !in_array('invalid-input-secret', $responseData['error-codes']) ) {
|
||||
Error('reCaptcha authentication failed');
|
||||
unset($user); // unset should be ok here because we aren't in a function
|
||||
return;
|
||||
} else {
|
||||
Error('Invalid recaptcha secret detected');
|
||||
|
@ -58,20 +59,12 @@ if ( ('login' == $action) && isset($_REQUEST['username']) && ( ZM_AUTH_TYPE == '
|
|||
} // end if success==false
|
||||
} // end if using reCaptcha
|
||||
|
||||
// coming here means we need to authenticate the user
|
||||
// if captcha existed, it was passed
|
||||
|
||||
$username = $_REQUEST['username'];
|
||||
$password = $_REQUEST['password'];
|
||||
|
||||
$ret = validateUser($username, $password);
|
||||
if ( !$ret[0] ) {
|
||||
ZM\Error($ret[1]);
|
||||
if ( ! $user ) {
|
||||
$_SESSION['loginFailed'] = true;
|
||||
unset($user); // unset should be ok here because we aren't in a function
|
||||
return;
|
||||
}
|
||||
$user = $ret[0];
|
||||
|
||||
$close_session = 0;
|
||||
if ( !is_session_started() ) {
|
||||
|
|
|
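Review bot: The `if ( ! $user ) {` check in the second hunk reads a variable that nothing visible in this section assigns any more, assuming the `validateUser()` lines shown here are on the removed side, as the hunk's line counts suggest. The login action would then depend entirely on the global auth code having populated `$user`, and that code's new username/password branch is skipped when `ZM_OPT_USE_GOOG_RECAPTCHA` is set. If so, a login that passes the captcha never has its password validated and always lands in `loginFailed`; this fails closed, but it looks like a regression worth confirming. Independently, `! $user` on a variable that may be unset raises a warning; `if ( empty($user) ) {` would match the `empty($user)` tests used in the other file. The enclosing `if ( ('login' == $action) ...` block starts and ends outside the hunks.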
@ -256,15 +256,31 @@ if ( ZM_OPT_USE_AUTH ) {
|
|||
# This prevent session modification to switch users
|
||||
if ( isset($_SESSION['AuthHash'.$_SESSION['remoteAddr']]) )
|
||||
$user = getAuthUser($_SESSION['AuthHash'.$_SESSION['remoteAddr']]);
|
||||
else
|
||||
ZM\Logger::Debug("No auth hash in session, there should have been");
|
||||
|
||||
} else {
|
||||
# Need to refresh permissions and validate that the user still exists
|
||||
$sql = 'SELECT * FROM Users WHERE Enabled=1 AND Username=?';
|
||||
$user = dbFetchOne($sql, NULL, array($_SESSION['username']));
|
||||
}
|
||||
} else {
|
||||
ZM\Logger::Debug("No username in session");
|
||||
}
|
||||
|
||||
if ( ZM_AUTH_HASH_LOGINS && empty($user) && !empty($_REQUEST['auth']) ) {
|
||||
$user = getAuthUser($_REQUEST['auth']);
|
||||
} else if (
|
||||
! ( empty($_REQUEST['username']) or empty($_REQUEST['password']) or
|
||||
(defined('ZM_OPT_USE_GOOG_RECAPTCHA') && ZM_OPT_USE_GOOG_RECAPTCHA )
|
||||
) ) {
|
||||
$ret = validateUser($_REQUEST['username'], $_REQUEST['password');
|
||||
if ( !$ret[0] ) {
|
||||
ZM\Error($ret[1]);
|
||||
unset($user); // unset should be ok here because we aren't in a function
|
||||
return;
|
||||
}
|
||||
$user = $ret[0];
|
||||
}
|
||||
|
||||
if ( !empty($user) ) {
|
||||
|
|
|
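Review bot: The added call `$ret = validateUser($_REQUEST['username'], $_REQUEST['password');` closes the array index with `)` instead of `]`, which is a parse error, so this include cannot load and every page that depends on it fails; it should read `$ret = validateUser($_REQUEST['username'], $_REQUEST['password']);`. The new `else if` also lacks the `empty($user)` guard that the auth-hash branch above it has, so a request carrying credentials is re-validated even when the session has already resolved a user, and a failed check unsets that user and returns. Because `$_REQUEST` includes query-string parameters, accepting a password on every URL means it can end up in web-server access logs and Referer headers; a comment such as `# credentials may arrive in the query string here; prefer the auth hash for URLs that get logged` would make that trade-off explicit. The enclosing `if ( ZM_OPT_USE_AUTH )` block starts and ends outside the hunk.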
@ -77,7 +77,6 @@ if ( $_SERVER['REQUEST_METHOD'] == 'OPTIONS' ) {
|
|||
return;
|
||||
}
|
||||
|
||||
|
||||
if ( isset($_GET['skin']) ) {
|
||||
$skin = $_GET['skin'];
|
||||
} else if ( isset($_COOKIE['zmSkin']) ) {
|
||||
|
|