diff options
| author | Florian Pritz <bluewind@xinu.at> | 2013-09-04 16:37:32 +0200 |
|---|---|---|
| committer | Florian Pritz <bluewind@xinu.at> | 2013-09-04 16:37:32 +0200 |
| commit | 855b7b25aeba021400aa6a3438e2ab19c3b63907 (patch) | |
| tree | e8790191e864b2acd4bd9a8232d8d457c943026f | |
| parent | cce1fe9bfea359cebae585eaaa944650bace4966 (diff) | |
Replace is_cli_client() with stateful_client where applicable
Stateless clients (cli client and clients using api keys) can't reclaim
IDs (no cookie) so they should be required to log in asap and they will
always get an error if they didn't log in.
Signed-off-by: Florian Pritz <bluewind@xinu.at>
| -rw-r--r-- | application/controllers/file.php | 8 | ||||
| -rw-r--r-- | application/core/MY_Controller.php | 1 | ||||
| -rw-r--r-- | application/models/muser.php | 3 |
3 files changed, 5 insertions, 7 deletions
diff --git a/application/controllers/file.php b/application/controllers/file.php index 6a97c645f..98ccae884 100644 --- a/application/controllers/file.php +++ b/application/controllers/file.php @@ -582,9 +582,9 @@ class File extends MY_Controller { // Handle pastes function do_paste() { - // desktop clients get a cookie to claim the ID later + // stateful clients get a cookie to claim the ID later // don't force them to log in just yet - if (is_cli_client()) { + if (!stateful_client()) { $this->muser->require_access(); } @@ -617,9 +617,9 @@ class File extends MY_Controller { // Handles uploaded files function do_upload() { - // desktop clients get a cookie to claim the ID later + // stateful clients get a cookie to claim the ID later // don't force them to log in just yet - if (is_cli_client()) { + if (!stateful_client()) { $this->muser->require_access("apikey"); } diff --git a/application/core/MY_Controller.php b/application/core/MY_Controller.php index e1c6cc96e..008c48dec 100644 --- a/application/core/MY_Controller.php +++ b/application/core/MY_Controller.php @@ -80,7 +80,6 @@ class MY_Controller extends CI_Controller { $csrf_protection = false; } - // TODO: replace cli client with request_type("plain")? if (is_cli_client() && in_array($uri_start, $csrf_whitelisted_handlers["cli_client"])) { $csrf_protection = false; } diff --git a/application/models/muser.php b/application/models/muser.php index 6a488476f..2dd7280e8 100644 --- a/application/models/muser.php +++ b/application/models/muser.php @@ -184,8 +184,7 @@ class Muser extends CI_Model { return $this->check_access_level($wanted_level); } - // if a CLI client reaches this point it failed to log in - if (is_cli_client()) { + if (!stateful_client()) { show_error("Not authenticated. FileBin requires you to have an account, please go to the homepage for more information.\n", 401); } |