extern/egroupware_official
1
0
Fork 0
mirror of https://github.com/EGroupware/egroupware.git synced 2025-01-20 12:58:46 +01:00
Code Issues Packages Projects Releases Wiki Activity

avoid misconfiguration of user "anonymous" NOT flaged as such

Browse Source
This commit is contained in:
Ralf Becker 2020-03-19 14:21:32 +01:00
parent 34ec346821
commit e9c3533c93
2 changed files with 6 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
admin/inc/class.admin_cmd_edit_user.inc.php
View File

@ -104,7 +104,10 @@ class admin_cmd_edit_user extends admin_cmd_change_pw
} }
$data['changepassword'] = admin_cmd::parse_boolean($data['changepassword'],$this->account ? null : true); $data['changepassword'] = admin_cmd::parse_boolean($data['changepassword'],$this->account ? null : true);
$data['anonymous'] = admin_cmd::parse_boolean($data['anonymous'],$this->account ? null : false); $data['anonymous'] = admin_cmd::parse_boolean($data['anonymous'],$this->account ? null : false) ||
// automatic set anonymous flag for username "anonymous", to not allow to create anonymous user without it
($data['account_lid'] ?: admin_cmd::$accounts->id2name($this->account)) === 'anonymous';
if ($data['mustchangepassword'] && $data['changepassword']) if ($data['mustchangepassword'] && $data['changepassword'])
{ {
$data['account_lastpwd_change']=0; $data['account_lastpwd_change']=0;

3
api/src/Sharing.php
View File

@ -482,7 +482,8 @@ class Sharing
// sharing is for a different share, change to current share // sharing is for a different share, change to current share
if ($this->share['share_token'] !== self::get_token()) if ($this->share['share_token'] !== self::get_token())
{ {
self::create_session($GLOBALS['egw']->session->session_flags === 'N'); self::create_session($GLOBALS['egw']->session->session_flags === 'N' ||
$GLOBALS['egw_info']['user']['account_lid'] === 'anonymous');
return $GLOBALS['egw']->sharing->ServeRequest(); return $GLOBALS['egw']->sharing->ServeRequest();
} }