diff options
Diffstat (limited to 'server')
| -rw-r--r-- | server/xml.server.php | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/server/xml.server.php b/server/xml.server.php index 04475bca..3cb56e20 100644 --- a/server/xml.server.php +++ b/server/xml.server.php @@ -27,6 +27,9 @@ define('NO_SESSION','1'); require_once '../lib/init.php'; +// If we don't even have access control on then we can't use this! +if (!Config::get('access_control')) { access_denied(); exit; } + /** * Verify the existance of the Session they passed in we do allow them to * login via this interface so we do have an exception for action=login @@ -36,6 +39,11 @@ if (!Access::session_exists(array(),$_REQUEST['auth'],'api') AND $_REQUEST['acti exit(); } +// If it's not a handshake then we can allow it to take up lots of time +if (!$_REQUEST['action'] != 'handshake') { + set_time_limit(0); +} + /* Set the correct headers */ header("Content-type: text/xml; charset=" . Config::get('site_charset')); header("Content-Disposition: attachment; filename=information.xml"); |