Login page for protecting site
``/auth``
Authentication callback url
-``/forbidden``
- Access denied page
``/user``
Edit logged-in user information
rewrite ^/login$ /login.php;
rewrite ^/auth$ /auth.php;
- rewrite ^/forbidden$ /forbidden.php;
rewrite ^/user$ /user.php;
}
RewriteRule ^auth$ /auth.php
RewriteRule ^login$ /login.php
-RewriteRule ^forbidden$ /forbidden.php
RewriteRule ^user$ /user.php
+++ /dev/null
-<?php
-/**
- * Access Denied page
- */
-namespace phorkie;
-require_once 'www-header.php';
-
-$db = new Database();
-render(
- 'forbidden',
- array(
- 'recents' => $db->getSearch()->listAll(0, 5, 'crdate', 'desc'),
- )
-);
-?>
if ($GLOBALS['phorkie']['auth']['secure'] > 0 &&
$GLOBALS['phorkie']['auth']['userlist']) {
if (!in_array($_SESSION['identity'], $GLOBALS['phorkie']['users'])) {
- $redirect = 'http://' . $_SERVER['HTTP_HOST'] . "/forbidden";
- header('Location: ' . filter_var($redirect, FILTER_SANITIZE_URL));
+ header('HTTP/1.1 403 Forbidden');
+ $db = new Database();
+ render(
+ 'forbidden',
+ array(
+ 'recents' => $db->getSearch()->listAll(0, 5, 'crdate', 'desc'),
+ )
+ );
exit;
}
}