From: Alan <alan@roojs.com>
Date: Thu, 19 May 2022 05:52:44 +0000 (+0800)
Subject: disable_http_auth as an option
X-Git-Url: http://git.roojs.org/?p=Pman.Core;a=commitdiff_plain;h=90d4031765e4ad31a05a3a23cfbc81416ecadac6

disable_http_auth as an option
---

diff --git a/DataObjects/Core_person.php b/DataObjects/Core_person.php
index 160a0580..8799d542 100644
--- a/DataObjects/Core_person.php
+++ b/DataObjects/Core_person.php
@@ -256,16 +256,12 @@ class Pman_Core_DataObjects_Core_person extends DB_DataObject
         // do not start a session if we are using http auth...
         // we have a situation where the app is behind a http access and is also login
         // need to work out a way to handle that.
-        
-        $session_started = false;
-        if (php_sapi_name() != "cli" && empty($_SERVER['PHP_AUTH_USER']) && empty($_COOKIE['PHPSESSID'])) {
-            $session_started = false;
-            @session_start();
+ 
+        if (php_sapi_name() != "cli" && empty($_SERVER['PHP_AUTH_USER']) && !empty($ff->disable_http_auth))  {
+             @session_start();
         }
         
-        
-       
-        $ff= HTML_FlexyFramework::get();
+         
        
         $sesPrefix = $this->sesPrefix();
         
@@ -312,9 +308,7 @@ class Pman_Core_DataObjects_Core_person extends DB_DataObject
         }
         
         // at this point all http auth stuff is done, so we can init session
-       if (php_sapi_name() != "cli" && !$session_started) {
-            @session_start();
-        }
+        
         
         //die("test init");
         if (!$this->canInitializeSystem()) {