gnh1201/seeddms-code
1
0
Fork 0
mirror of https://git.code.sf.net/p/seeddms/code synced 2026-05-08 21:41:23 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

fix multiple redirection if password must be changed and 2 factor auth must be setup

Browse Source
This commit is contained in:
Uwe Steinmann 2026-04-08 11:43:08 +02:00
parent 9c107cbf18
commit 154f0aa9a4
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
inc/inc.Authentication.php
View File

@ -130,7 +130,7 @@ if($isajax)
if (!$user->isAdmin() && $origuser == null) {
if($settings->_passwordExpiration > 0) {
if(!in_array(basename($_SERVER['SCRIPT_NAME']), ['out.ForcePasswordChange.php', 'op.EditUserData.php', 'op.Logout.php'])) {
if(!in_array(basename($_SERVER['SCRIPT_NAME']), ['out.Setup2Factor.php', 'op.Setup2Factor.php', 'out.ForcePasswordChange.php', 'op.EditUserData.php', 'op.Logout.php'])) {
$pwdexp = $user->getPwdExpiration();
if($pwdexp && substr($pwdexp, 0, 10) != '0000-00-00') {
$pwdexpts = strtotime($pwdexp); // + $pwdexp*86400;
@ -148,7 +148,7 @@ if (!$user->isAdmin() && $origuser == null) {
* already on the page Setup2Factor.php and no user substiation has occured.
*/
if($settings->_enable2FactorAuthentication && $settings->_guestID != $user->getID() && $settings->_autoLoginUser != $user->getID() && $origuser == null && $user->getSecret() == '') {
if(!in_array(basename($_SERVER['SCRIPT_NAME']), ['out.Setup2Factor.php', 'op.Setup2Factor.php', 'op.Logout.php'])) {
if(!in_array(basename($_SERVER['SCRIPT_NAME']), ['out.ForcePasswordChange.php', 'out.Setup2Factor.php', 'op.Setup2Factor.php', 'op.Logout.php'])) {
header("Location: ../out/out.Setup2Factor.php");
exit;
}