From cbab89641fa1f2d533c70e6a5983e488568880e4 Mon Sep 17 00:00:00 2001 From: Alan Date: Thu, 19 May 2022 13:55:19 +0800 Subject: [PATCH] better detect disable http auht --- DataObjects/Core_person.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/DataObjects/Core_person.php b/DataObjects/Core_person.php index 8799d542..56c08afc 100644 --- a/DataObjects/Core_person.php +++ b/DataObjects/Core_person.php @@ -257,7 +257,7 @@ class Pman_Core_DataObjects_Core_person extends DB_DataObject // we have a situation where the app is behind a http access and is also login // need to work out a way to handle that. - if (php_sapi_name() != "cli" && empty($_SERVER['PHP_AUTH_USER']) && !empty($ff->disable_http_auth)) { + if (php_sapi_name() != "cli" && (empty($_SERVER['PHP_AUTH_USER']) || !empty($ff->disable_http_auth))) { @session_start(); } @@ -290,7 +290,7 @@ class Pman_Core_DataObjects_Core_person extends DB_DataObject // http basic auth.. $u = DB_DataObject::factory($this->tableName()); - if (empty($_COOKIE['PHPSESSID']) // http auth requests should not have this... + if (empty($ff->disable_http_auth) // http auth requests should not have this... && !empty($_SERVER['PHP_AUTH_USER']) && -- 2.39.2