mirror of
https://github.com/Piwigo/Piwigo.git
synced 2025-04-26 11:19:55 +03:00
8effbe8e95
In order to avoid loading user context as "guest" and then wait to be in ws_images_uploadAsync function to authenticate and load a new user context. This way we deal with "automatic" authentication in the same place (as apache auth or url auth) and we use the more common user context loading mecanism. Making Community compatible is now much easier. To avoid duplicating too many lines of ws.php into inc/user.inc.php, I have moved the init of ws.php into inc/ws_init.inc.php
83 lines
2.1 KiB
PHP
83 lines
2.1 KiB
PHP
<?php
|
|
// +-----------------------------------------------------------------------+
|
|
// | This file is part of Piwigo. |
|
|
// | |
|
|
// | For copyright and license information, please view the COPYING.txt |
|
|
// | file that was distributed with this source code. |
|
|
// +-----------------------------------------------------------------------+
|
|
|
|
// by default we start with guest
|
|
$user['id'] = $conf['guest_id'];
|
|
|
|
if (isset($_COOKIE[session_name()]))
|
|
{
|
|
if (isset($_GET['act']) and $_GET['act'] == 'logout')
|
|
{ // logout
|
|
logout_user();
|
|
redirect(get_gallery_home_url());
|
|
}
|
|
elseif (!empty($_SESSION['pwg_uid']))
|
|
{
|
|
$user['id'] = $_SESSION['pwg_uid'];
|
|
}
|
|
}
|
|
|
|
// Now check the auto-login
|
|
if ( $user['id']==$conf['guest_id'] )
|
|
{
|
|
auto_login();
|
|
}
|
|
|
|
// using Apache authentication override the above user search
|
|
if ($conf['apache_authentication'])
|
|
{
|
|
$remote_user = null;
|
|
foreach (array('REMOTE_USER', 'REDIRECT_REMOTE_USER') as $server_key)
|
|
{
|
|
if (isset($_SERVER[$server_key]))
|
|
{
|
|
$remote_user = $_SERVER[$server_key];
|
|
break;
|
|
}
|
|
}
|
|
|
|
if (isset($remote_user))
|
|
{
|
|
if (!($user['id'] = get_userid($remote_user)))
|
|
{
|
|
$user['id'] = register_user($remote_user, '', '', false);
|
|
}
|
|
}
|
|
}
|
|
|
|
// automatic login by authentication key
|
|
if (isset($_GET['auth']))
|
|
{
|
|
auth_key_login($_GET['auth']);
|
|
}
|
|
|
|
if (
|
|
defined('IN_WS')
|
|
and isset($_REQUEST['method'])
|
|
and 'pwg.images.uploadAsync' == $_REQUEST['method']
|
|
and isset($_POST['username'])
|
|
and isset($_POST['password'])
|
|
)
|
|
{
|
|
if (!try_log_user($_POST['username'], $_POST['password'], false))
|
|
{
|
|
include_once(PHPWG_ROOT_PATH.'include/ws_init.inc.php');
|
|
$service->sendResponse(new PwgError(999, 'Invalid username/password'));
|
|
exit();
|
|
}
|
|
}
|
|
|
|
$user = build_user( $user['id'],
|
|
( defined('IN_ADMIN') and IN_ADMIN ) ? false : true // use cache ?
|
|
);
|
|
if ($conf['browser_language'] and (is_a_guest() or is_generic()) and $language = get_browser_language())
|
|
{
|
|
$user['language'] = $language;
|
|
}
|
|
trigger_notify('user_init', $user);
|
|
?>
|