sven/ulogger-server
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Allow for authentication in case of public access

Browse Source
This commit is contained in:
Bartek Fabiszewski 2017-03-16 14:11:01 +01:00
parent a7a04754db
commit 53d2f454a6
2 changed files with 17 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
auth.php
View File

@ -34,16 +34,21 @@ if ($mysqli->connect_errno) {
exit(); exit();
} }
$mysqli->set_charset("utf8"); $mysqli->set_charset("utf8");
$auth = NULL;
$admin = NULL;
if ($require_authentication || defined('headless')) {
/* authentication */
session_name('ulogger');
session_start();
$sid = session_id();
$auth = (isset($_SESSION['auth']) ? $_SESSION['auth'] : ""); session_name('ulogger');
$admin = (isset($_SESSION['admin']) ? $_SESSION['admin'] : ""); session_start();
$sid = session_id();
// check for forced login to authorize admin in case of public access
$force_login = (isset($_REQUEST['force_login']) ? $_REQUEST['force_login'] : 0);
if ($force_login) {
$require_authentication = 1;
}
$auth = (isset($_SESSION['auth']) ? $_SESSION['auth'] : NULL);
$admin = (isset($_SESSION['admin']) ? $_SESSION['admin'] : NULL);
if ($auth || $require_authentication || defined('headless')) {
/* authentication */
$user = (isset($_REQUEST['user']) ? $_REQUEST['user'] : ""); $user = (isset($_REQUEST['user']) ? $_REQUEST['user'] : "");
$pass = (isset($_REQUEST['pass']) ? $_REQUEST['pass'] : ""); $pass = (isset($_REQUEST['pass']) ? $_REQUEST['pass'] : "");
$ssl = ((!isset($_SERVER['HTTPS']) || $_SERVER['HTTPS'] == "" || $_SERVER['HTTPS'] == "off") ? "http" : "https"); $ssl = ((!isset($_SERVER['HTTPS']) || $_SERVER['HTTPS'] == "" || $_SERVER['HTTPS'] == "off") ? "http" : "https");
@ -80,6 +85,7 @@ if ($require_authentication || defined('headless')) {
<input type="password" name="pass"><br /> <input type="password" name="pass"><br />
<br /> <br />
<input type="submit" value="'.$lang_login.'"> <input type="submit" value="'.$lang_login.'">
'.(($force_login==1) ? "<input type=\"hidden\" name=\"force_login\" value=\"1\">" : "").'
</form> </form>
<div id="error">'.(($auth_error==1) ? $lang_authfail : "").'</div> <div id="error">'.(($auth_error==1) ? $lang_authfail : "").'</div>
</div> </div>

2
index.php
View File

@ -40,6 +40,8 @@ else {
<u>'.$lang_user.'</u> '; <u>'.$lang_user.'</u> ';
if ($auth) { if ($auth) {
$user_form .= '&nbsp;'.$user.' (<a href="logout.php">'.$lang_logout.'</a>)'; $user_form .= '&nbsp;'.$user.' (<a href="logout.php">'.$lang_logout.'</a>)';
} else {
$user_form .= '&nbsp;<a href="index.php?force_login=1">'.$lang_login.'</a>';
} }
$user_form .= ' $user_form .= '
<br /> <br />