--- docman.php 2001/12/14 17:28:06 1.49
+++ docman.php 2002/01/24 09:09:12 1.56
@@ -133,7 +133,7 @@
//////////////////////////////////////////////////////////////////
- $gblVersion = "1.8-dev";
+ $gblVersion = "1.9-dev";
function StartHTML($title,$text="") {
@@ -174,14 +174,29 @@
= date($gblDateFmt) ?> -
= date($gblTimeFmt) ?> -
= $gblUserName ?>
- [logout]
+
+ [= $url_title ?>]
Document Manager = $gblVersion ?>, based on ANYPORTAL(php) Site Manager
© 1999 by ANYPORTAL,
© 2000 by d@nger.org,
-© 2000 by DbP
+© 2000-2002 by DbP
@@ -950,6 +965,8 @@
$title = "(401 Unauthorized)" ;
$text = "No trespassing !" ;
+
+ global $PHP_AUTH_USER,$PHP_AUTH_PW,$gblPw,$relogin;
StartHTML($title,$text) ;
EndHTML() ;
@@ -1158,7 +1175,6 @@
$log=fopen("$gblFsRoot/.changelog","r");
$logarr = array();
while($line = fgetcsv($log,512,"\t")) {
- $line[0] .= sizeof($line);
while (sizeof($line) > 4) {
$tmp = array_pop($line);
$line.=" $tmp";
@@ -1226,7 +1242,7 @@
// forks before authentication: style sheet and hash
// creation if password not yet set.
- if ($STYLE == "get") { CSS() ; exit ; }
+ if (isset($STYLE) && $STYLE == "get") { CSS() ; exit ; }
$fsScriptDir = dirname($SCRIPT_FILENAME) ;
// i.e. /home/httpd/html/docman
@@ -1243,10 +1259,26 @@
Error("Configuration error","Can't find user handling module at $gblIncDir/$gblUsers.php ! Please fix $fsScriptDir/.docman.conf");
}
+ // if no password, or empty password logout
+ if (
+ isset($PHP_AUTH_USER) && (
+ !isset($relogin) || (
+ isset($relogin) && $relogin != md5($PHP_AUTH_USER.$PHP_AUTH_PW)
+ )
+ ) && (
+ $PHP_AUTH_PW == "" || !isset($PHP_AUTH_PW)
+ ) && !isset($force_login)
+ ) {
+ StartHTML("Logout completed","Your login credentials has been erased") ;
+ EndHTML() ;
+ exit ;
+ }
+
// authentication failure
if ( md5($PHP_AUTH_USER.$PHP_AUTH_PW) != $gblPw ||
- isset($relogin) && $gblPw == $relogin ) {
- header("WWW-authenticate: basic realm=\"$HTTP_HOST\"") ;
+ isset($relogin) && $gblPw == $relogin) {
+ $realm="$HTTP_HOST";
+ header("WWW-authenticate: basic realm=\"$realm\"") ;
header("HTTP/1.0 401 Unauthorized") ;
NoEntry() ;
exit ;