ADD: Add identity to /forbidden page for easy administration
authorJustin J. Novack <jnovack@gmail.com>
Mon, 17 Sep 2012 13:53:19 +0000 (09:53 -0400)
committerJustin J. Novack <jnovack@gmail.com>
Mon, 17 Sep 2012 13:53:19 +0000 (09:53 -0400)
data/templates/forbidden.htm
www/auth.php
www/secure.php

index ad40a9f..e6965dd 100644 (file)
@@ -5,7 +5,11 @@
 
 <fieldset>
   <legend>Access Denied</legend>
-  <img src="images/access_denied.png">
+  <img src="images/access_denied.png" align='left'>
+  <p>We're sorry, your identity is not authorized:</p>
+  <p><code>{{ identity }}</code></p>
+  <p>If you feel this message is in error, please notify the site admin
+    and include your identity.</p>
 </fieldset>
 {% endblock %}
 
index bb4fcb2..b8d08ff 100644 (file)
@@ -201,15 +201,6 @@ if (isset($_POST['start'])) {
     }
 
     $openid = $message->getArrayFormat();
-    if ($GLOBALS['phorkie']['auth']['secure'] > 0 &&
-        $GLOBALS['phorkie']['auth']['userlist']) {
-        if (!in_array($openid['openid.identity'], $GLOBALS['phorkie']['users'])) {
-            $redirect = 'http://' . $_SERVER['HTTP_HOST'] . "/forbidden";
-            header('Location: ' . filter_var($redirect, FILTER_SANITIZE_URL));
-            exit;
-        }
-    }
-    // include_once 'openid/wrapper.php';
 
        $email = (isset($openid['openid.ext1.value.email'])) ? $openid['openid.ext1.value.email'] : null;
     $email = (isset($openid['openid.ext2.value.email']) && !isset($email)) ? $openid['openid.ext2.value.email'] : $email;
index 07cdfb6..4b81d59 100644 (file)
@@ -9,4 +9,12 @@ if (!isset($_SESSION['identity'])) {
     header("Location: /login");
     exit;
 }
+if ($GLOBALS['phorkie']['auth']['secure'] > 0 &&
+    $GLOBALS['phorkie']['auth']['userlist']) {
+    if (!in_array($_SESSION['identity'], $GLOBALS['phorkie']['users'])) {
+        $redirect = 'http://' . $_SERVER['HTTP_HOST'] . "/forbidden";
+        header('Location: ' . filter_var($redirect, FILTER_SANITIZE_URL));
+        exit;
+    }
+}
 ?>