diff options
author | Meik Sievertsen <acydburn@phpbb.com> | 2009-01-27 09:25:00 +0000 |
---|---|---|
committer | Meik Sievertsen <acydburn@phpbb.com> | 2009-01-27 09:25:00 +0000 |
commit | 7aced345c5a2871f6eddfe316297b4ff9a0ebb76 (patch) | |
tree | b7baad5bba15a5279fe2a9c0454622b7cd38e7c0 /phpBB | |
parent | let us change the time zone and dst setting correctly (related to Bug #38775) (diff) | |
download | phpbb-7aced345c5a2871f6eddfe316297b4ff9a0ebb76.tar.gz phpbb-7aced345c5a2871f6eddfe316297b4ff9a0ebb76.tar.bz2 phpbb-7aced345c5a2871f6eddfe316297b4ff9a0ebb76.zip |
Fix guest/bot session problems with apache authentication plugin (Bug #41085)
git-svn-id: file:///svn/phpbb/trunk@9307 89ea8834-ac86-4346-8a33-228a782c2dd0
Diffstat (limited to 'phpBB')
-rw-r--r-- | phpBB/includes/auth/auth_apache.php | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/phpBB/includes/auth/auth_apache.php b/phpBB/includes/auth/auth_apache.php index 77a462ac6b..fa41c41de4 100644 --- a/phpBB/includes/auth/auth_apache.php +++ b/phpBB/includes/auth/auth_apache.php @@ -225,6 +225,18 @@ function user_row_apache($username, $password) */ function validate_session_apache(&$user) { + // We only need to check authenticated users. For anonymous user as well as bots the session of course did not expire. + if ($user['user_id'] == ANONYMOUS) + { + return true; + } + + // Checking for a bot is a bit mroe complicated... but we are able to check this with the user type (anonymous has the same as bots) + if ($user['user_type'] == USER_IGNORE) + { + return true; + } + if (!isset($_SERVER['PHP_AUTH_USER'])) { return false; |