diff options
author | Craig Andrews <candrews@integralblue.com> | 2009-12-05 21:04:20 -0500 |
---|---|---|
committer | Craig Andrews <candrews@integralblue.com> | 2009-12-05 21:05:33 -0500 |
commit | 3b14b61fa745d4906796ac49e78ae712f61e9643 (patch) | |
tree | 7058e787308bb3b8324e3cb55d8e1a91bf5ee7ba | |
parent | 75cac0fd6b94f77ec8ff32ebc89ec513ee102831 (diff) |
Add a configuration option to disable the login command.
$config['logincommand']['disabled'] = true;
This commit should be reverted once the command has been sufficiently tested and trusted.
-rw-r--r-- | actions/login.php | 5 | ||||
-rw-r--r-- | lib/command.php | 5 |
2 files changed, 9 insertions, 1 deletions
diff --git a/actions/login.php b/actions/login.php index cee29fd09..a6f86c0ca 100644 --- a/actions/login.php +++ b/actions/login.php @@ -75,11 +75,14 @@ class LoginAction extends Action function handle($args) { parent::handle($args); + + $disabled = common_config('logincommand','disabled'); + if (common_is_real_login()) { $this->clientError(_('Already logged in.')); } else if ($_SERVER['REQUEST_METHOD'] == 'POST') { $this->checkLogin(); - } else if (isset($args['user_id']) && isset($args['token'])){ + } else if (!isset($disabled) && isset($args['user_id']) && isset($args['token'])){ $this->checkLogin($args['user_id'],$args['token']); } else { common_ensure_session(); diff --git a/lib/command.php b/lib/command.php index 7e98156b6..e2a665511 100644 --- a/lib/command.php +++ b/lib/command.php @@ -583,6 +583,11 @@ class LoginCommand extends Command { function execute($channel) { + $disabled = common_config('logincommand','disabled'); + if(isset($disabled)) { + $channel->error($this->user, _('Login command is disabled')); + return; + } $login_token = Login_token::staticGet('user_id',$this->user->id); if($login_token){ $login_token->delete(); |