ZoneMinder
/
zoneminder
mirror of https://github.com/ZoneMinder/zoneminder.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

put authorized check back after including actions.php where it needs to go

pull/1857/head
Isaac Connor 2016-11-28 11:34:46 -05:00
parent be5b4691da
commit f9af1e7129
1 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
web/index.php
View File

@ -178,15 +178,15 @@ if ( ZM_OPT_USE_AUTH && ZM_AUTH_HASH_LOGINS ) {
generateAuthHash( ZM_AUTH_HASH_IPS );
}
}
# If I put this here, it protects all views and popups, but it has to go after actions.php because actions.php does the actual logging in.
if ( ZM_OPT_USE_AUTH && ! isset($user) && $view != 'login' ) {
$view = 'login';
}
if ( isset($_REQUEST['action']) ) {
$action = detaintPath($_REQUEST['action']);
require_once( 'includes/actions.php' );
}
# If I put this here, it protects all views and popups, but it has to go after actions.php because actions.php does the actual logging in.
if ( ZM_OPT_USE_AUTH && ! isset($user) && $view != 'login' ) {
$view = 'login';
}
# Only one request can open the session file at a time, so let's close the session here to improve concurrency.
# Any file/page that sets session variables must re-open it.