sbrl-github/Pepperminty-Wiki
sbrl-github
/
Pepperminty-Wiki
mirror of https://github.com/sbrl/Pepperminty-Wiki.git
1
0
Fork 0
Code

Fix access by secret when login is forced

This commit is contained in:
Starbeamrainbowlabs 2017-07-14 20:46:22 +01:00
parent a63d83bc34
commit 6adb919c2a
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
core.php
View File

@ -1337,7 +1337,7 @@ if(!isset($pageindex->{$env->page}) and isset($_GET["search-redirect"]))
// Note we use $_GET here because $env->action isn't populated at this point
if($settings->require_login_view === true && // If this site requires a login in order to view pages
!$env->is_logged_in && // And the user isn't logged in
!in_array($_GET["action"], [ "login", "checklogin", "opensearch-description" ])) // And the user isn't trying to login, or get the opensearch description
!in_array($_GET["action"], [ "login", "checklogin", "opensearch-description", "invindex-rebuild", "stats-update" ])) // And the user isn't trying to login, or get the opensearch description, or access actions that apply their own access rules
{
// Redirect the user to the login page
http_response_code(307);