Fix guest/bot session problems with apache authentication plugin (Bug #41085)

git-svn-id: file:///svn/phpbb/trunk@9307 89ea8834-ac86-4346-8a33-228a782c2dd0
2025-05-29 02:29:21 +02:00 · 2009-01-27 09:25:00 +00:00 · 2009-01-27 09:25:00 +00:00 · 7aced345c5
commit 7aced345c5
parent 90ad76e948
1 changed files with 12 additions and 0 deletions
--- a/phpBB/includes/auth/auth_apache.php
+++ b/phpBB/includes/auth/auth_apache.php
@ -225,6 +225,18 @@ function user_row_apache($username, $password)
 */
 function validate_session_apache(&$user)
 {
+	// We only need to check authenticated users. For anonymous user as well as bots the session of course did not expire.
+	if ($user['user_id'] == ANONYMOUS)
+	{
+		return true;
+	}
+
+	// Checking for a bot is a bit mroe complicated... but we are able to check this with the user type (anonymous has the same as bots)
+	if ($user['user_type'] == USER_IGNORE)
+	{
+		return true;
+	}
+
 	if (!isset($_SERVER['PHP_AUTH_USER']))
 	{
 		return false;