aboutsummaryrefslogtreecommitdiff
path: root/phpBB
diff options
context:
space:
mode:
authorMeik Sievertsen <acydburn@phpbb.com>2009-01-27 09:25:00 +0000
committerMeik Sievertsen <acydburn@phpbb.com>2009-01-27 09:25:00 +0000
commit7aced345c5a2871f6eddfe316297b4ff9a0ebb76 (patch)
treeb7baad5bba15a5279fe2a9c0454622b7cd38e7c0 /phpBB
parentlet us change the time zone and dst setting correctly (related to Bug #38775) (diff)
downloadphpbb-7aced345c5a2871f6eddfe316297b4ff9a0ebb76.tar.gz
phpbb-7aced345c5a2871f6eddfe316297b4ff9a0ebb76.tar.bz2
phpbb-7aced345c5a2871f6eddfe316297b4ff9a0ebb76.zip
Fix guest/bot session problems with apache authentication plugin (Bug #41085)
git-svn-id: file:///svn/phpbb/trunk@9307 89ea8834-ac86-4346-8a33-228a782c2dd0
Diffstat (limited to 'phpBB')
-rw-r--r--phpBB/includes/auth/auth_apache.php12
1 files changed, 12 insertions, 0 deletions
diff --git a/phpBB/includes/auth/auth_apache.php b/phpBB/includes/auth/auth_apache.php
index 77a462ac6b..fa41c41de4 100644
--- a/phpBB/includes/auth/auth_apache.php
+++ b/phpBB/includes/auth/auth_apache.php
@@ -225,6 +225,18 @@ function user_row_apache($username, $password)
*/
function validate_session_apache(&$user)
{
+ // We only need to check authenticated users. For anonymous user as well as bots the session of course did not expire.
+ if ($user['user_id'] == ANONYMOUS)
+ {
+ return true;
+ }
+
+ // Checking for a bot is a bit mroe complicated... but we are able to check this with the user type (anonymous has the same as bots)
+ if ($user['user_type'] == USER_IGNORE)
+ {
+ return true;
+ }
+
if (!isset($_SERVER['PHP_AUTH_USER']))
{
return false;