From: Patrick Canterino Date: Sat, 6 Jul 2024 12:10:47 +0000 (+0200) Subject: Note the authentication type (by password or by IP no password) in the session X-Git-Tag: 4.6.0~5 X-Git-Url: https://git.p6c8.net/jirafeau.git/commitdiff_plain/814a694cd2782c11983433ba053111c4743d07f3 Note the authentication type (by password or by IP no password) in the session This allows us to show the logout button only if the user is authenticated by password --- diff --git a/index.php b/index.php index 24565bd..78c1beb 100644 --- a/index.php +++ b/index.php @@ -50,6 +50,7 @@ if (jirafeau_user_session_logged()) { // Second check: Challenge by IP NO PASSWORD elseif (true === jirafeau_challenge_upload_ip_without_password($cfg, get_ip_address($cfg))) { jirafeau_user_session_start(); + $_SESSION['user_auth_type'] = JIRAFEAU_USER_AUTH_BY_IP_NO_PASSWORD; } // Third check: Challenge by IP elseif (true === jirafeau_challenge_upload_ip($cfg, get_ip_address($cfg))) { @@ -59,6 +60,7 @@ elseif (true === jirafeau_challenge_upload_ip($cfg, get_ip_address($cfg))) { if (isset($_POST['upload_password'])) { if (jirafeau_challenge_upload_password($cfg, $_POST['upload_password'])) { jirafeau_user_session_start(); + $_SESSION['user_auth_type'] = JIRAFEAU_USER_AUTH_BY_PASSWORD; } else { jirafeau_session_end(); jirafeau_fatal_error(t('BAD_PSW'), $cfg); @@ -290,7 +292,7 @@ if ($cfg['maximal_upload_size'] >= 1024) {
diff --git a/lib/settings.php b/lib/settings.php index 86a14e2..2c2235a 100644 --- a/lib/settings.php +++ b/lib/settings.php @@ -75,6 +75,9 @@ define('JIRAFEAU_MONTH', 2592000); // JIRAFEAU_DAY * 30 define('JIRAFEAU_QUARTER', 7776000); // JIRAFEAU_DAY * 90 define('JIRAFEAU_YEAR', 31536000); // JIRAFEAU_DAY * 365 +define('JIRAFEAU_USER_AUTH_BY_IP_NO_PASSWORD', 1); +define('JIRAFEAU_USER_AUTH_BY_PASSWORD', 2); + define('JIRAFEAU_SODIUM_CHUNKSIZE', 1024); // Define some Sodium constants from newer PHP versions if they are not available