diff options
author | Scott Ullrich <sullrich@pfsense.org> | 2007-11-19 00:17:56 +0000 |
---|---|---|
committer | Scott Ullrich <sullrich@pfsense.org> | 2007-11-19 00:17:56 +0000 |
commit | a34016184668ca14ae80ddc165db60cad5101c89 (patch) | |
tree | 164745ad9183312faee30fa4dcd8e85b37c48f5a | |
parent | 859e12eddb2c94bacac58ed6e82760e06c682771 (diff) | |
download | pfsense-a34016184668ca14ae80ddc165db60cad5101c89.zip pfsense-a34016184668ca14ae80ddc165db60cad5101c89.tar.gz |
Do not logout session if the user does not have access to a page. We should also hide menu items that user does not have access to.
-rw-r--r-- | etc/inc/authgui.inc | 7 |
1 files changed, 1 insertions, 6 deletions
diff --git a/etc/inc/authgui.inc b/etc/inc/authgui.inc index 9e83157..8d1b30f 100644 --- a/etc/inc/authgui.inc +++ b/etc/inc/authgui.inc @@ -115,8 +115,7 @@ if (!(isSystemAdmin($HTTP_SERVER_VARS['AUTH_USER']))) { echo "||Access to AJAX has been disallowed for this user."; exit; } - - + if ($pagereq <> "" && (in_array($pagereq, $allowed) || in_array("ANY", $allowed))) { pfSenseHeader("{$home}"); exit; @@ -145,14 +144,10 @@ if (!(isSystemAdmin($HTTP_SERVER_VARS['AUTH_USER']))) { function display_error_form($http_code, $desc) { global $config, $g; $g['theme'] = $config['theme']; - - logout_session(); - if(isAjax()) { echo "Error: {$http_code} Description: {$desc}"; return; } - $htmlstr = <<<EOD <html> <head> |