external/aurweb
0
0
Fork 0
mirror of https://gitlab.archlinux.org/archlinux/aurweb.git synced 2025-02-03 10:43:03 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Add a configuration setting to disallow HTTP login

Browse source 
If this is enabled, do not show the login form and display a note
suggesting to switch to a secure connection if a user accesses the site
via HTTP.

Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
This commit is contained in:
Lukas Fleischer 2011-08-11 17:35:03 +02:00
parent a47f4915dc
commit 1c9db1d1f1
3 changed files with 17 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

7
web/lib/aur.inc.php
View file

@ -326,9 +326,12 @@ function html_header($title="") {
global $_POST;
global $LANG;
global $SUPPORTED_LANGS;
global $DISABLE_HTTP_LOGIN;
$login = try_login();
$login_error = $login['error'];
if (!$DISABLE_HTTP_LOGIN || (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'])) {
$login = try_login();
$login_error = $login['error'];
}
$title = htmlspecialchars($title, ENT_QUOTES);