From: Patrick Canterino Date: Sat, 6 Jul 2024 12:10:47 +0000 (+0200) Subject: Note the authentication type (by password or by IP no password) in the session X-Git-Tag: 4.6.0~5 X-Git-Url: https://git.p6c8.net/jirafeau.git/commitdiff_plain/814a694cd2782c11983433ba053111c4743d07f3?ds=inline;hp=-c Note the authentication type (by password or by IP no password) in the session This allows us to show the logout button only if the user is authenticated by password --- 814a694cd2782c11983433ba053111c4743d07f3 diff --git a/index.php b/index.php index 24565bd..78c1beb 100644 --- a/index.php +++ b/index.php @@ -50,6 +50,7 @@ if (jirafeau_user_session_logged()) { // Second check: Challenge by IP NO PASSWORD elseif (true === jirafeau_challenge_upload_ip_without_password($cfg, get_ip_address($cfg))) { jirafeau_user_session_start(); + $_SESSION['user_auth_type'] = JIRAFEAU_USER_AUTH_BY_IP_NO_PASSWORD; } // Third check: Challenge by IP elseif (true === jirafeau_challenge_upload_ip($cfg, get_ip_address($cfg))) { @@ -59,6 +60,7 @@ elseif (true === jirafeau_challenge_upload_ip($cfg, get_ip_address($cfg))) { if (isset($_POST['upload_password'])) { if (jirafeau_challenge_upload_password($cfg, $_POST['upload_password'])) { jirafeau_user_session_start(); + $_SESSION['user_auth_type'] = JIRAFEAU_USER_AUTH_BY_PASSWORD; } else { jirafeau_session_end(); jirafeau_fatal_error(t('BAD_PSW'), $cfg); @@ -290,7 +292,7 @@ if ($cfg['maximal_upload_size'] >= 1024) {
diff --git a/lib/settings.php b/lib/settings.php index 86a14e2..2c2235a 100644 --- a/lib/settings.php +++ b/lib/settings.php @@ -75,6 +75,9 @@ define('JIRAFEAU_MONTH', 2592000); // JIRAFEAU_DAY * 30 define('JIRAFEAU_QUARTER', 7776000); // JIRAFEAU_DAY * 90 define('JIRAFEAU_YEAR', 31536000); // JIRAFEAU_DAY * 365 +define('JIRAFEAU_USER_AUTH_BY_IP_NO_PASSWORD', 1); +define('JIRAFEAU_USER_AUTH_BY_PASSWORD', 2); + define('JIRAFEAU_SODIUM_CHUNKSIZE', 1024); // Define some Sodium constants from newer PHP versions if they are not available