mirror of
https://github.com/misterunknown/ifm.git
synced 2025-08-11 10:34:00 +02:00
fixed use of undefined index when checking for authentication
This commit is contained in:
Marco Dickert
22
ifm.php
22
ifm.php
@@ -1757,7 +1757,7 @@ ifm.init();
|
||||
*/
|
||||
|
||||
public function checkAuth() {
|
||||
if(IFMConfig::auth == 1 && $_SESSION['auth'] !== true) {
|
||||
if( IFMConfig::auth == 1 && ( ! isset( $_SESSION['auth'] ) || $_SESSION['auth'] !== true ) ) {
|
||||
$login_failed = false;
|
||||
if( isset( $_POST["user"] ) && isset( $_POST["pass"] ) ) {
|
||||
if( $this->checkCredentials( $_POST["user"], $_POST["pass"] ) ) {
|
||||
@@ -1769,16 +1769,18 @@ ifm.init();
|
||||
}
|
||||
}
|
||||
|
||||
if($_SESSION['auth'] !== true) {
|
||||
if(isset($_POST["api"]) && $login_failed === true)
|
||||
echo json_encode(array("status"=>"ERROR", "message"=>"authentication failed"));
|
||||
elseif(isset($_POST["api"]) && $login_failed !== true)
|
||||
echo json_encode(array("status"=>"ERROR", "message"=>"not authenticated"));
|
||||
else
|
||||
$this->loginForm($login_failed);
|
||||
return false;
|
||||
} else {
|
||||
if( isset( $_SESSION['auth'] ) && $_SESSION['auth'] === true ) {
|
||||
return true;
|
||||
} else {
|
||||
if( isset( $_POST["api"] ) ) {
|
||||
if( $login_failed === true )
|
||||
echo json_encode( array( "status"=>"ERROR", "message"=>"authentication failed" ) );
|
||||
else
|
||||
echo json_encode( array( "status"=>"ERROR", "message"=>"not authenticated" ) );
|
||||
} else {
|
||||
$this->loginForm($login_failed);
|
||||
}
|
||||
return false;
|
||||
}
|
||||
} else {
|
||||
return true;
|
||||
|
||||
22
src/main.php
22
src/main.php
@@ -596,7 +596,7 @@ class IFM {
|
||||
*/
|
||||
|
||||
public function checkAuth() {
|
||||
if(IFMConfig::auth == 1 && $_SESSION['auth'] !== true) {
|
||||
if( IFMConfig::auth == 1 && ( ! isset( $_SESSION['auth'] ) || $_SESSION['auth'] !== true ) ) {
|
||||
$login_failed = false;
|
||||
if( isset( $_POST["user"] ) && isset( $_POST["pass"] ) ) {
|
||||
if( $this->checkCredentials( $_POST["user"], $_POST["pass"] ) ) {
|
||||
@@ -608,16 +608,18 @@ class IFM {
|
||||
}
|
||||
}
|
||||
|
||||
if($_SESSION['auth'] !== true) {
|
||||
if(isset($_POST["api"]) && $login_failed === true)
|
||||
echo json_encode(array("status"=>"ERROR", "message"=>"authentication failed"));
|
||||
elseif(isset($_POST["api"]) && $login_failed !== true)
|
||||
echo json_encode(array("status"=>"ERROR", "message"=>"not authenticated"));
|
||||
else
|
||||
$this->loginForm($login_failed);
|
||||
return false;
|
||||
} else {
|
||||
if( isset( $_SESSION['auth'] ) && $_SESSION['auth'] === true ) {
|
||||
return true;
|
||||
} else {
|
||||
if( isset( $_POST["api"] ) ) {
|
||||
if( $login_failed === true )
|
||||
echo json_encode( array( "status"=>"ERROR", "message"=>"authentication failed" ) );
|
||||
else
|
||||
echo json_encode( array( "status"=>"ERROR", "message"=>"not authenticated" ) );
|
||||
} else {
|
||||
$this->loginForm($login_failed);
|
||||
}
|
||||
return false;
|
||||
}
|
||||
} else {
|
||||
return true;
|
||||
|
||||
Reference in New Issue
Block a user