mirror of
https://github.com/EGroupware/egroupware.git
synced 2024-12-23 07:09:20 +01:00
"check for a valid eGW session"
This commit is contained in:
parent
a58cd51617
commit
256163ba98
@ -27,8 +27,22 @@ global $Config ;
|
|||||||
// SECURITY: You must explicitly enable this "connector". (Set it to "true").
|
// SECURITY: You must explicitly enable this "connector". (Set it to "true").
|
||||||
// WARNING: don't just set "$Config['Enabled'] = true ;", you must be sure that only
|
// WARNING: don't just set "$Config['Enabled'] = true ;", you must be sure that only
|
||||||
// authenticated users can access this file or use some kind of session checking.
|
// authenticated users can access this file or use some kind of session checking.
|
||||||
$Config['Enabled'] = true ;
|
//$Config['Enabled'] = false ;
|
||||||
|
|
||||||
|
function deny_no_egw_session(&$account)
|
||||||
|
{
|
||||||
|
die('Access denied!');
|
||||||
|
}
|
||||||
|
$GLOBALS['egw_info'] = array(
|
||||||
|
'flags' => array(
|
||||||
|
'currentapp' => 'sitemgr',
|
||||||
|
'noheader' => true,
|
||||||
|
'autocreate_session_callback' => 'deny_no_egw_session',
|
||||||
|
)
|
||||||
|
);
|
||||||
|
// will not continue, unless the header get's included, there is a valid eGW session and the user has sitemgr rights
|
||||||
|
require('../../../../../../../header.inc.php');
|
||||||
|
$Config['Enabled'] = $GLOBALS['egw']->session->session_flags == 'N'; // disallow anonymous users
|
||||||
|
|
||||||
// Path to user files relative to the document root.
|
// Path to user files relative to the document root.
|
||||||
//$Config['UserFilesPath'] = '' ;
|
//$Config['UserFilesPath'] = '' ;
|
||||||
@ -51,7 +65,7 @@ $Config['SecureImageUploads'] = true;
|
|||||||
$Config['ConfigAllowedCommands'] = array('QuickUpload', 'FileUpload', 'GetFolders', 'GetFoldersAndFiles', 'CreateFolder') ;
|
$Config['ConfigAllowedCommands'] = array('QuickUpload', 'FileUpload', 'GetFolders', 'GetFoldersAndFiles', 'CreateFolder') ;
|
||||||
|
|
||||||
// Allowed Resource Types
|
// Allowed Resource Types
|
||||||
$Config['ConfigAllowedTypes'] = array('images','File', 'Image', 'Flash', 'Media') ;
|
$Config['ConfigAllowedTypes'] = array('File', 'Image', 'Flash', 'Media') ;
|
||||||
|
|
||||||
// For security, HTML is allowed in the first Kb of data for files having the
|
// For security, HTML is allowed in the first Kb of data for files having the
|
||||||
// following extensions only.
|
// following extensions only.
|
||||||
|
Loading…
Reference in New Issue
Block a user