Add a configuration option to disable the login command.
$config['logincommand']['disabled'] = true; This commit should be reverted once the command has been sufficiently tested and trusted.
This commit is contained in:
parent
75cac0fd6b
commit
3b14b61fa7
|
@ -75,11 +75,14 @@ class LoginAction extends Action
|
|||
function handle($args)
|
||||
{
|
||||
parent::handle($args);
|
||||
|
||||
$disabled = common_config('logincommand','disabled');
|
||||
|
||||
if (common_is_real_login()) {
|
||||
$this->clientError(_('Already logged in.'));
|
||||
} else if ($_SERVER['REQUEST_METHOD'] == 'POST') {
|
||||
$this->checkLogin();
|
||||
} else if (isset($args['user_id']) && isset($args['token'])){
|
||||
} else if (!isset($disabled) && isset($args['user_id']) && isset($args['token'])){
|
||||
$this->checkLogin($args['user_id'],$args['token']);
|
||||
} else {
|
||||
common_ensure_session();
|
||||
|
|
|
@ -583,6 +583,11 @@ class LoginCommand extends Command
|
|||
{
|
||||
function execute($channel)
|
||||
{
|
||||
$disabled = common_config('logincommand','disabled');
|
||||
if(isset($disabled)) {
|
||||
$channel->error($this->user, _('Login command is disabled'));
|
||||
return;
|
||||
}
|
||||
$login_token = Login_token::staticGet('user_id',$this->user->id);
|
||||
if($login_token){
|
||||
$login_token->delete();
|
||||
|
|
Loading…
Reference in New Issue
Block a user