mirror of
https://git.tt-rss.org/git/tt-rss.git
synced 2026-02-10 16:01:33 +00:00
prevent setting session cookie when user not logged in and tt-rss.php/prefs.php is requested
This commit is contained in:
@@ -839,6 +839,17 @@
|
|||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
function basic_nosid_redirect_check() {
|
||||||
|
if (!SINGLE_USER_MODE) {
|
||||||
|
if (!$_COOKIE["ttrss_sid"]) {
|
||||||
|
$redirect_uri = get_login_redirect();
|
||||||
|
$return_to = preg_replace('/.*?\//', '', $_SERVER["REQUEST_URI"]);
|
||||||
|
header("Location: $redirect_uri?rt=$return_to");
|
||||||
|
exit;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
function login_sequence($link) {
|
function login_sequence($link) {
|
||||||
if (!SINGLE_USER_MODE) {
|
if (!SINGLE_USER_MODE) {
|
||||||
|
|
||||||
|
|||||||
@@ -1,11 +1,14 @@
|
|||||||
<?
|
<?
|
||||||
|
require_once "functions.php";
|
||||||
|
|
||||||
|
basic_nosid_redirect_check();
|
||||||
|
|
||||||
require_once "sessions.php";
|
require_once "sessions.php";
|
||||||
|
|
||||||
require_once "sanity_check.php";
|
require_once "sanity_check.php";
|
||||||
require_once "version.php";
|
require_once "version.php";
|
||||||
require_once "config.php";
|
require_once "config.php";
|
||||||
require_once "db-prefs.php";
|
require_once "db-prefs.php";
|
||||||
require_once "functions.php";
|
|
||||||
|
|
||||||
$link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME);
|
$link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME);
|
||||||
|
|
||||||
|
|||||||
+4
-1
@@ -1,11 +1,14 @@
|
|||||||
<?
|
<?
|
||||||
|
require_once "functions.php";
|
||||||
|
|
||||||
|
basic_nosid_redirect_check();
|
||||||
|
|
||||||
require_once "sessions.php";
|
require_once "sessions.php";
|
||||||
|
|
||||||
require_once "sanity_check.php";
|
require_once "sanity_check.php";
|
||||||
require_once "version.php";
|
require_once "version.php";
|
||||||
require_once "config.php";
|
require_once "config.php";
|
||||||
require_once "db-prefs.php";
|
require_once "db-prefs.php";
|
||||||
require_once "functions.php";
|
|
||||||
|
|
||||||
$link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME);
|
$link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME);
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user