ZoneMinder
/
zoneminder
mirror of https://github.com/ZoneMinder/zoneminder.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Use isset when testing for existence of authash in session

pull/2675/head
Isaac Connor 2019-07-29 14:54:55 -04:00
parent 8167ff2143
commit 7f19831e0c
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
web/includes/auth.php
View File

@ -377,7 +377,7 @@ if ( ZM_OPT_USE_AUTH ) {
if ( ZM_AUTH_HASH_LOGINS and (ZM_AUTH_RELAY == 'hashed') ) { if ( ZM_AUTH_HASH_LOGINS and (ZM_AUTH_RELAY == 'hashed') ) {
# Extra validation, if logged in, then the auth hash will be set in the session, so we can validate it. # Extra validation, if logged in, then the auth hash will be set in the session, so we can validate it.
# This prevent session modification to switch users # This prevent session modification to switch users
if ( $_SESSION['AuthHash'.$_SESSION['remoteAddr']] ) if ( isset($_SESSION['AuthHash'.$_SESSION['remoteAddr']]) )
$user = getAuthUser($_SESSION['AuthHash'.$_SESSION['remoteAddr']]); $user = getAuthUser($_SESSION['AuthHash'.$_SESSION['remoteAddr']]);
} else { } else {
# Need to refresh permissions and validate that the user still exists # Need to refresh permissions and validate that the user still exists