diff options
Diffstat (limited to 'www')
| -rw-r--r-- | www/auth.php | 9 | ||||
| -rw-r--r-- | www/secure.php | 8 |
2 files changed, 8 insertions, 9 deletions
diff --git a/www/auth.php b/www/auth.php index bb4fcb2..b8d08ff 100644 --- a/www/auth.php +++ b/www/auth.php @@ -201,15 +201,6 @@ if (isset($_POST['start'])) { } $openid = $message->getArrayFormat(); - if ($GLOBALS['phorkie']['auth']['secure'] > 0 && - $GLOBALS['phorkie']['auth']['userlist']) { - if (!in_array($openid['openid.identity'], $GLOBALS['phorkie']['users'])) { - $redirect = 'http://' . $_SERVER['HTTP_HOST'] . "/forbidden"; - header('Location: ' . filter_var($redirect, FILTER_SANITIZE_URL)); - exit; - } - } - // include_once 'openid/wrapper.php'; $email = (isset($openid['openid.ext1.value.email'])) ? $openid['openid.ext1.value.email'] : null; $email = (isset($openid['openid.ext2.value.email']) && !isset($email)) ? $openid['openid.ext2.value.email'] : $email; diff --git a/www/secure.php b/www/secure.php index 07cdfb6..4b81d59 100644 --- a/www/secure.php +++ b/www/secure.php @@ -9,4 +9,12 @@ if (!isset($_SESSION['identity'])) { header("Location: /login"); exit; } +if ($GLOBALS['phorkie']['auth']['secure'] > 0 && + $GLOBALS['phorkie']['auth']['userlist']) { + if (!in_array($_SESSION['identity'], $GLOBALS['phorkie']['users'])) { + $redirect = 'http://' . $_SERVER['HTTP_HOST'] . "/forbidden"; + header('Location: ' . filter_var($redirect, FILTER_SANITIZE_URL)); + exit; + } +} ?> |