Differences From:
File
src/login.c
part of check-in
[947842fb0b]
- Fix a bug in login.
by
drh on
2007-07-30 17:43:49.
[view]
To:
File
src/login.c
part of check-in
[5ebcedc33e]
- Require read permission (permission to read tickets and configuration histories) to view the global timeline.
by
dan on
2007-07-31 16:34:09.
[view]
@@ -205,9 +205,9 @@
/* Check the login cookie to see if it matches a known valid user.
*/
if( uid==0 ){
- if( (zCookie = P(login_cookie_name()))!=0 ){
+ if( (zCookie = P(login_cookie_name()))!=0 && strlen(zCookie)>0 ){
uid = db_int(0,
"SELECT uid FROM user"
" WHERE uid=%d"
" AND cookie=%Q"
@@ -216,20 +216,22 @@
atoi(zCookie), zCookie, zRemoteAddr
);
}else{
uid = db_int(0, "SELECT uid FROM user WHERE login='anonymous'");
+ g.isAnon = 1;
+ g.zLogin = "";
}
}
if( uid==0 ){
- g.isAnon = 1;
- g.zLogin = "";
- zCap = db_get("nologin-cap","onrj");
+ zCap = db_get("nologin-cap","");
}else if( zCap==0 ){
Stmt s;
db_prepare(&s, "SELECT login, cap FROM user WHERE uid=%d", uid);
db_step(&s);
- g.zLogin = db_column_malloc(&s, 0);
+ if( !g.isAnon ){
+ g.zLogin = db_column_malloc(&s, 0);
+ }
zCap = db_column_malloc(&s, 1);
g.isAnon = 0;
db_finalize(&s);
}