git.cweiske.de
/
phorkie.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
FIX: Revamped security measures
[phorkie.git]
/
www
/
www-security.php
diff --git
a/www/www-security.php
b/www/www-security.php
index 241f866f03c12fd6071db452e94de7242b8b3420..47e9a9eff591b6e137acd20a7a33918b1a8802a7 100644
(file)
--- a/
www/www-security.php
+++ b/
www/www-security.php
@@
-26,15
+26,23
@@
if (!isset($_SESSION['identity'])) {
$logged_in = true;
}
$logged_in = true;
}
-if ($logged_in) {
- //logged in? all fine
- return;
-} else if ($GLOBALS['phorkie']['auth']['secure'] == 2) {
- //not logged in and security level 2 => error
- require 'forbidden.php';
-} else if (isset($pageRequiresLogin) && !$pageRequiresLogin) {
+if ($pageRequiresLogin >= $GLOBALS['phorkie']['auth']['secure']) {
+ if ($logged_in) {
+ return;
+ }
+} else {
return;
}
return;
}
+// p / G / log_in = disp
+// 0 / 1 / true = return
+// 0 / 1 / false = block
+// 0 / 2 / true = return
+// 0 / 2 / false = return
+// 1 / 1 / true = return
+// 1 / 1 / false = block
+// 1 / 2 / true = return
+// 1 / 2 / false = block
+
require 'forbidden.php';
require 'forbidden.php';
-?>
\ No newline at end of file
+?>