mirror/php-phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-08-06 16:56:44 +02:00
Code Issues Releases Wiki Activity

- auto sync attachment topic flag [Bug #2949]

Browse Source 
- corrected paths for templates stored in the db and filenames displayed in the template editor [Bug #3662]
- removed some useless language strings [Bug #3648]
- corrected escaping of usernames and passwords in auth modules [Bug #3696], added ldap_escape


git-svn-id: file:///svn/phpbb/trunk@6266 89ea8834-ac86-4346-8a33-228a782c2dd0
This commit is contained in:
Nils Adermann
2006-08-12 01:58:58 +00:00
parent b5a6291fa5
commit b1ef984526
6 changed files with 32 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
phpBB/includes/auth/auth_apache.php
View File

@@ -121,6 +121,9 @@ function autologin_apache()
if (!empty($php_auth_user) && !empty($php_auth_pw))
{
set_var($php_auth_user, $php_auth_user, 'string');
set_var($php_auth_pw, $php_auth_pw, 'string');
$sql = 'SELECT *
FROM ' . USERS_TABLE . "
WHERE username = '" . $db->sql_escape($php_auth_user) . "'";
@@ -190,7 +193,15 @@ function user_row_apache($username, $password)
*/
function validate_session_apache(&$user)
{
return (isset($_SERVER['PHP_AUTH_USER']) && ($_SERVER['PHP_AUTH_USER'] === $user['username'])) ? true : false;
if (!isset($_SERVER['PHP_AUTH_USER']))
{
return false;
}
$php_auth_user = '';
set_var($php_auth_user, $_SERVER['PHP_AUTH_USER'], 'string');
return ($php_auth_user === $user['username']) ? true : false;
}
?>