Hi,
$auth_password initialized above (see lines 133-142 and 160 in same file).
$_SESSION['password'] not used anymore, it always empty and your code incorrect.
what is AuthBasicFake, for what auth mechanism it is for?
On Tue, Oct 25, 2016 at 5:16 AM, Peter.Hine@familycourt.gov.au wrote:
Adam,
First up, this happened a long time ago. It's just taken till now to find why it broke (cause i have free time, i'm testing 0.16.9.8118 and found the error again)
The problem lies in line 200 of html/includes/authenticate.inc.php (v0.16.9.8118) if (!$_SESSION['authenticated'] && (authenticate($_SESSION['username'], $auth_password) || // login/password
in older versions, "$auth_password" was "$_SESSION['password']".
by replacing "$auth_password" with "$_SESSION['password']"., AuthBasicFake works again.
I can't see where "$auth_password" is initialized but it's not my code so i'll not assume too much more than that.
thanks
Peter Hine Senior Technical Support Engineer (Servers) Corporate Services | Federal Court of Australia
The information contained in this e-mail (including any attachments) is for the exclusive use of the addressee. If you are not the intended recipient please notify the sender immediately and delete this e-mail. It is noted that legal privilege is not waived because you have read this e-mail.
observium mailing list observium@observium.org http://postman.memetic.org/cgi-bin/mailman/listinfo/observium