X-Git-Url: http://git.roojs.org/?p=Pman.Core;a=blobdiff_plain;f=DataObjects%2FCore_person.php;fp=DataObjects%2FCore_person.php;h=160a058049ac235ec9adc0a649f1b9a20a7ea8a4;hp=5e30028f96edfd53fdf1f18401746bc53e06ca0d;hb=52b198a6657c62282056db33022a7d09f9a56412;hpb=d0be1b08073ff663c709f03f6357caf399a61e69
diff --git a/DataObjects/Core_person.php b/DataObjects/Core_person.php
index 5e30028f..160a0580 100644
--- a/DataObjects/Core_person.php
+++ b/DataObjects/Core_person.php
@@ -254,9 +254,16 @@ class Pman_Core_DataObjects_Core_person extends DB_DataObject
 function isAuth()
 {
 // do not start a session if we are using http auth...
- if (empty($_SERVER['PHP_AUTH_USER']) && php_sapi_name() != "cli") {
+ // we have a situation where the app is behind a http access and is also login
+ // need to work out a way to handle that.
+
+ $session_started = false;
+ if (php_sapi_name() != "cli" && empty($_SERVER['PHP_AUTH_USER']) && empty($_COOKIE['PHPSESSID'])) {
+ $session_started = false;
 @session_start();
 }
+
+ $ff= HTML_FlexyFramework::get();
@@ -287,7 +294,9 @@ class Pman_Core_DataObjects_Core_person extends DB_DataObject
 // http basic auth..
 $u = DB_DataObject::factory($this->tableName());
- if (!empty($_SERVER['PHP_AUTH_USER'])
+ if (empty($_COOKIE['PHPSESSID']) // http auth requests should not have this...
+ &&
+ !empty($_SERVER['PHP_AUTH_USER'])
 &&
 !empty($_SERVER['PHP_AUTH_PW'])
 &&
@@ -301,6 +310,12 @@ class Pman_Core_DataObjects_Core_person extends DB_DataObject
 self::$authUser = $u;
 return true;
 }
+
+ // at this point all http auth stuff is done, so we can init session
+ if (php_sapi_name() != "cli" && !$session_started) {
+ @session_start();
+ }
+ //die("test init");
 if (!$this->canInitializeSystem()) {
 // die("can not init");
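Review bot: Inside the new `if` at the top of isAuth() the flag is assigned `$session_started = false;` right before `@session_start();`, so it can never become true; the assignment should be `$session_started = true;`. As written, the guard `!$session_started` in the third hunk (@@ -301) is satisfied for every non-CLI request, so a session that was already started here gets a second `session_start()` call whose notice the `@` hides. The cookie test also hard-codes the default cookie name; `empty($_COOKIE[session_name()])` stays correct if `session.name` is configured differently, and the same applies to the check in the second hunk. A request that does carry the cookie no longer gets its session at this point, so any `$_SESSION` read between this hunk and the late start (lines not shown) would see nothing, which is worth confirming. isAuth() continues outside the hunk.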
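Review bot: The new first operand `empty($_COOKIE['PHPSESSID'])` lets a client-supplied cookie decide whether the Basic credentials are evaluated at all, and the condition needs a comment stating what is expected to happen when they are not. Any request carrying that cookie, valid or stale, now skips this branch and relies on the session path further down, which is outside the hunk; presumably that path denies access when the session holds no authenticated user, but this should be confirmed. A client with correct credentials and a leftover cookie will also stop authenticating here. Suggested comment above the condition: `// cookie presence is client-controlled: it only selects the session path, which must verify the session itself`. The condition continues past the end of the hunk.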
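Review bot: The late `@session_start();` discards both its return value and any warning, so a session that failed to start is indistinguishable from an empty one in the checks that follow. Dropping the `@` and guarding on the real state, `if (php_sapi_name() != "cli" && session_status() !== PHP_SESSION_ACTIVE) { session_start(); }`, makes a failure visible and no longer depends on the flag being maintained correctly. As far as the visible lines show, this block also starts a session for requests that sent `PHP_AUTH_USER` but did not pass the Basic check, which the comment at the top of isAuth() ("do not start a session if we are using http auth...") no longer describes; that comment should be updated to say when a session is created. isAuth() continues outside the hunk.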