From: Patrick Canterino Date: Sat, 6 Jul 2024 12:10:47 +0000 (+0200) Subject: Note the authentication type (by password or by IP no password) in the session X-Git-Tag: 4.6.0~5 X-Git-Url: https://git.p6c8.net/jirafeau_project.git/commitdiff_plain/814a694cd2782c11983433ba053111c4743d07f3?ds=inline;hp=9040d6ac8178bcae4a80f22e04974b4d86fb9000 Note the authentication type (by password or by IP no password) in the session This allows us to show the logout button only if the user is authenticated by password --- diff --git a/index.php b/index.php index 24565bd..78c1beb 100644 --- a/index.php +++ b/index.php @@ -50,6 +50,7 @@ if (jirafeau_user_session_logged()) { // Second check: Challenge by IP NO PASSWORD elseif (true === jirafeau_challenge_upload_ip_without_password($cfg, get_ip_address($cfg))) { jirafeau_user_session_start(); + $_SESSION['user_auth_type'] = JIRAFEAU_USER_AUTH_BY_IP_NO_PASSWORD; } // Third check: Challenge by IP elseif (true === jirafeau_challenge_upload_ip($cfg, get_ip_address($cfg))) { @@ -59,6 +60,7 @@ elseif (true === jirafeau_challenge_upload_ip($cfg, get_ip_address($cfg))) { if (isset($_POST['upload_password'])) { if (jirafeau_challenge_upload_password($cfg, $_POST['upload_password'])) { jirafeau_user_session_start(); + $_SESSION['user_auth_type'] = JIRAFEAU_USER_AUTH_BY_PASSWORD; } else { jirafeau_session_end(); jirafeau_fatal_error(t('BAD_PSW'), $cfg); @@ -290,7 +292,7 @@ if ($cfg['maximal_upload_size'] >= 1024) {
diff --git a/lib/settings.php b/lib/settings.php index 86a14e2..2c2235a 100644 --- a/lib/settings.php +++ b/lib/settings.php @@ -75,6 +75,9 @@ define('JIRAFEAU_MONTH', 2592000); // JIRAFEAU_DAY * 30 define('JIRAFEAU_QUARTER', 7776000); // JIRAFEAU_DAY * 90 define('JIRAFEAU_YEAR', 31536000); // JIRAFEAU_DAY * 365 +define('JIRAFEAU_USER_AUTH_BY_IP_NO_PASSWORD', 1); +define('JIRAFEAU_USER_AUTH_BY_PASSWORD', 2); + define('JIRAFEAU_SODIUM_CHUNKSIZE', 1024); // Define some Sodium constants from newer PHP versions if they are not available