diff options
| author | Karl 'vollmerk' Vollmer <vollmer@ampache.org> | 2006-05-13 00:39:40 +0000 |
|---|---|---|
| committer | Karl 'vollmerk' Vollmer <vollmer@ampache.org> | 2006-05-13 00:39:40 +0000 |
| commit | a4be3297d541560e1bc4291d366808fca517d49e (patch) | |
| tree | f2dd6cc96d2e28042845d7b532d19cc3c1295e9e /login.php | |
| parent | 7049a9976a25e95cb1ee68a84a853211ccc3db8a (diff) | |
| download | ampache-a4be3297d541560e1bc4291d366808fca517d49e.tar.gz ampache-a4be3297d541560e1bc4291d366808fca517d49e.tar.bz2 ampache-a4be3297d541560e1bc4291d366808fca517d49e.zip | |
fixed localplay buttons with use_auth disabled and tweaked access control mojo to prevent login in addition to the normal prevention of streaming
Diffstat (limited to 'login.php')
| -rw-r--r-- | login.php | 14 |
1 files changed, 14 insertions, 0 deletions
@@ -31,6 +31,20 @@ require_once('modules/init.php'); vauth_session_cookie(); init_preferences(); +/** + * If Access Control is turned on then we don't + * even want them to be able to get to the login + * page if they aren't in the ACL + */ +if (conf('access_control')) { + $access = new Access(0); + if (!$access->check("25", $_SERVER['REMOTE_ADDR'])) { + debug_event('access_denied','Access Denied:' . $_SERVER['REMOTE_ADDR'] . ' is not in the Access list','3'); + access_denied(); + } +} // access_control is enabled + + /* Check for posted username and password */ if ($_POST['username'] && $_POST['password']) { |