Always ask for auth when anonymous read and write is disabled
This commit is contained in:
parent
a330f9db18
commit
cff0f429b9
2 changed files with 46 additions and 14 deletions
26
index.php
26
index.php
|
@ -1784,14 +1784,30 @@ namespace PicoDAV
|
||||||
return $out;
|
return $out;
|
||||||
}
|
}
|
||||||
|
|
||||||
function error(WebDAV_Exception $e)
|
public function route(?string $uri = null): bool
|
||||||
{
|
{
|
||||||
if ($e->getCode() == 403 && !$this->storage->auth() && count($this->storage->users)) {
|
if (!ANONYMOUS_WRITE && !ANONYMOUS_READ) {
|
||||||
$user = $_SERVER['PHP_AUTH_USER'] ?? null;
|
$this->requireAuth();
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
|
||||||
|
return parent::route($uri);
|
||||||
|
}
|
||||||
|
|
||||||
|
protected function requireAuth(): void
|
||||||
|
{
|
||||||
|
if ($this->storage->auth()) {
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
http_response_code(401);
|
http_response_code(401);
|
||||||
header('WWW-Authenticate: Basic realm="Please login"');
|
header('WWW-Authenticate: Basic realm="Please login"');
|
||||||
echo '<h2>Error 401</h2><h1>You need to login to access this.</h1>';
|
echo '<h2>Error 401</h2><h1>You need to login to access this.</h1>';
|
||||||
|
}
|
||||||
|
|
||||||
|
public function error(WebDAV_Exception $e)
|
||||||
|
{
|
||||||
|
if ($e->getCode() == 403 && !$this->storage->auth() && count($this->storage->users)) {
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -1851,11 +1867,11 @@ RewriteRule ^.*$ /index.php [END]
|
||||||
$fp = fopen(__FILE__, 'r');
|
$fp = fopen(__FILE__, 'r');
|
||||||
|
|
||||||
if ($relative_uri == '.webdav/webdav.js') {
|
if ($relative_uri == '.webdav/webdav.js') {
|
||||||
fseek($fp, 49803, SEEK_SET);
|
fseek($fp, 50046, SEEK_SET);
|
||||||
echo fread($fp, 27769);
|
echo fread($fp, 27769);
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
fseek($fp, 49803 + 27769, SEEK_SET);
|
fseek($fp, 50046 + 27769, SEEK_SET);
|
||||||
echo fread($fp, 6988);
|
echo fread($fp, 6988);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
22
server.php
22
server.php
|
@ -508,14 +508,30 @@ namespace PicoDAV
|
||||||
return $out;
|
return $out;
|
||||||
}
|
}
|
||||||
|
|
||||||
function error(WebDAV_Exception $e)
|
public function route(?string $uri = null): bool
|
||||||
{
|
{
|
||||||
if ($e->getCode() == 403 && !$this->storage->auth() && count($this->storage->users)) {
|
if (!ANONYMOUS_WRITE && !ANONYMOUS_READ) {
|
||||||
$user = $_SERVER['PHP_AUTH_USER'] ?? null;
|
$this->requireAuth();
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
|
||||||
|
return parent::route($uri);
|
||||||
|
}
|
||||||
|
|
||||||
|
protected function requireAuth(): void
|
||||||
|
{
|
||||||
|
if ($this->storage->auth()) {
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
http_response_code(401);
|
http_response_code(401);
|
||||||
header('WWW-Authenticate: Basic realm="Please login"');
|
header('WWW-Authenticate: Basic realm="Please login"');
|
||||||
echo '<h2>Error 401</h2><h1>You need to login to access this.</h1>';
|
echo '<h2>Error 401</h2><h1>You need to login to access this.</h1>';
|
||||||
|
}
|
||||||
|
|
||||||
|
public function error(WebDAV_Exception $e)
|
||||||
|
{
|
||||||
|
if ($e->getCode() == 403 && !$this->storage->auth() && count($this->storage->users)) {
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue