fix http basic authentication

diff --git a/functions.php b/functions.php
index 77388106cf2098533a37a240915408c4721ecd1c..b6c426f54285f8dc39d4648956ee0289a2a6c0ed 100644 (file)
--- a/functions.php
+++ b/functions.php
@@ -604,9 +604,9 @@
 
        }
 
-       function http_authenticate_user($link) {
+       function http_authenticate_user($link, $force_logout) {
 
-               if (!$_SERVER['PHP_AUTH_USER']) {
+               if (!$_SERVER['PHP_AUTH_USER'] || $force_logout) {
 
                        header('WWW-Authenticate: Basic realm="Tiny Tiny RSS"');
                        header('HTTP/1.0 401 Unauthorized');

diff --git a/logout.php b/logout.php
index c43d86cb079ebac770f94b80adde0c3a1a46f003..cfc9fd0348e6be4e0c9e032cee77e9a8b8b5a172 100644 (file)
--- a/logout.php
+++ b/logout.php
@@ -1,12 +1,17 @@
 <?
        session_start();
 
+       require_once "config.php";
+
        $_SESSION["uid"] = null;
        $_SESSION["name"] = null;
        $_SESSION["access_level"] = null;
 
        session_destroy();
 
-       header("Location: login.php");
-
+       if (!USE_HTTP_AUTH) {
+               header("Location: login.php");
+       } else {
+               header("Location: tt-rss.php");
+       }
 ?>

diff --git a/prefs.php b/prefs.php
index 0673fd36fa3280c0316968875f3d8d6597edcdc6..ac874a8e4e52819db7cb57b8da1105c6eb729f34 100644 (file)
--- a/prefs.php
+++ b/prefs.php
@@ -12,11 +12,12 @@
 
                if (!USE_HTTP_AUTH) {
                        if (!$_SESSION["uid"]) {
-                               header("Location: login.php?rt=prefs.php");
+                               header("Location: login.php?rt=tt-rss.php");
                                exit;
                        }
                } else {
-                       authenticate_user($link);
+                       $force_logout = $_POST["ForceLogout"];
+                       http_authenticate_user($link, $force_logout == "yes");
                }
        } else {
                $_SESSION["uid"] = 1;

diff --git a/tt-rss.css b/tt-rss.css
index 0e919c10bf16f15f18f345a698386584224befdf..7c32578875566503c2b976d866a185de51b1e51a 100644 (file)
--- a/tt-rss.css
+++ b/tt-rss.css
@@ -587,6 +587,12 @@ td.welcomePrompt {
 
 }
 
+td.httpWelcomePrompt {
+       font-size : small;
+       color : gray;
+       text-align : right;
+}
+
 table.loginForm {
        background-image : url("images/vgrad_light_rev.png");
        background-color : white;

diff --git a/tt-rss.php b/tt-rss.php
index 0f4a72dc1f49c89160f22c53b9ae1251d5f17968..9e04bc677d2684cb33bed5e289a6c1bea83adcf0 100644 (file)
--- a/tt-rss.php
+++ b/tt-rss.php
@@ -16,7 +16,8 @@
                                exit;
                        }
                } else {
-                       authenticate_user($link);
+                       $force_logout = $_POST["ForceLogout"];
+                       http_authenticate_user($link, $force_logout == "yes");
                }
        } else {
                $_SESSION["uid"] = 1;
@@ -77,7 +78,18 @@
 
                </tr><tr><td class="welcomePrompt">
                        <? if (!SINGLE_USER_MODE) { ?>
-                       Hello, <b><?= $_SESSION["name"] ?></b> (<a href="logout.php">Logout</a>)</td>
+                       <? if (USE_HTTP_AUTH) { ?>
+                               <table align="right"><tr>
+                               <td class="httpWelcomePrompt">Hello, <b><?= $_SESSION["name"] ?></b></td>
+                               <td><form action="tt-rss.php" method="POST">
+                                       <input type="hidden" name="ForceLogout" value="yes">
+                                       <input type="submit" class="button" value="Logout">
+                               </form>
+                               </td></tr></table>
+                       <? } else { ?>
+                               Hello, <b><?= $_SESSION["name"] ?></b>(<a href="logout.php">Logout</a>)
+                       <? } ?>
+                       </td>                   
                        <? } ?>
                </tr></table>
        </td>