GNUsocial
/
gnu-social
4
0
Fork 1
Code Issues Releases Wiki Activity

Add a configuration option to disable the login command. 

$config['logincommand']['disabled'] = true;

This commit should be reverted once the command has been sufficiently tested and trusted.
This commit is contained in:
Craig Andrews 2009-12-05 21:04:20 -05:00
parent 75cac0fd6b
commit 3b14b61fa7
2 changed files with 9 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
actions/login.php
View File

@ -75,11 +75,14 @@ class LoginAction extends Action
function handle($args)
{
parent::handle($args);
$disabled = common_config('logincommand','disabled');
if (common_is_real_login()) {
$this->clientError(_('Already logged in.'));
} else if ($_SERVER['REQUEST_METHOD'] == 'POST') {
$this->checkLogin();
} else if (isset($args['user_id']) && isset($args['token'])){
} else if (!isset($disabled) && isset($args['user_id']) && isset($args['token'])){
$this->checkLogin($args['user_id'],$args['token']);
} else {
common_ensure_session();

5
lib/command.php
View File

@ -583,6 +583,11 @@ class LoginCommand extends Command
{
function execute($channel)
{
$disabled = common_config('logincommand','disabled');
if(isset($disabled)) {
$channel->error($this->user, _('Login command is disabled'));
return;
}
$login_token = Login_token::staticGet('user_id',$this->user->id);
if($login_token){
$login_token->delete();