2005-04-28
hornet136
I've applied ACLs on my system. When a user, who has not logged in, accesses a page that they do not have access to they get the standard "you dont have permission, perhaps you forgot to login" message. When the user follows those instructions by clicking the login button (from the unauthorized page) they still get a permission denied message. The reason is that the login button re-references the current namespace. Since the user does not have access to this page they are denied. I've fixed this by editing "template.php" and changed the following:
case 'login':
if($conf['useacl']){
if($_SERVER['REMOTE_USER']){
print html_btn('logout',$ID,'',array('do' => 'logout',));
}else{
print html_btn('login',$ID,'',array('do' => 'login')); <-------- This line
}
}
break;
TO:
case 'login':
if($conf['useacl']){
if($_SERVER['REMOTE_USER']){
print html_btn('logout',$ID,'',array('do' => 'logout',));
}else{
print html_btn('login',$conf['start'],'',array('do' => 'login')); <------- This line
}
}
break;
Now, since I assume that everyone should always be able to access the system default start page, I reference it every time for loging in.