From e2cc1b1eea3e5b49f32fda2dc1727ed745b5f9ec Mon Sep 17 00:00:00 2001
From: naftali <naftali@nbots.ga>
Date: Tue, 22 Jun 2021 22:14:24 +0300
Subject: [PATCH] added option to use as guest when auth on

---
 config-sample.php   |  5 ++++-
 tinyfilemanager.php | 16 ++++++++++++----
 2 files changed, 16 insertions(+), 5 deletions(-)

diff --git a/config-sample.php b/config-sample.php
index c75b9a9..9e3e1d3 100644
--- a/config-sample.php
+++ b/config-sample.php
@@ -16,6 +16,9 @@ or
 // Is independent from IP white- and blacklisting
 $use_auth = true;
 
+// Allow guest user when using auth
+$auth_allow_guest = true;
+
 // Login user name and password
 // Users: array('Username' => 'Password', 'Username2' => 'Password2', ...)
 // Generate secure password hash - https://tinyfilemanager.github.io/docs/pwd.html
@@ -27,7 +30,7 @@ $auth_users = array(
 // Readonly users
 // e.g. array('users', 'guest', ...)
 $readonly_users = array(
-    'user'
+    'user', 'guest'
 );
 
 // Enable highlight.js (https://highlightjs.org/) on view's page
diff --git a/tinyfilemanager.php b/tinyfilemanager.php
index d0fe6db..d557923 100644
--- a/tinyfilemanager.php
+++ b/tinyfilemanager.php
@@ -21,6 +21,9 @@ define('APP_TITLE', 'Tiny File Manager');
 // Is independent from IP white- and blacklisting
 $use_auth = true;
 
+// Allow guest user when using auth
+$auth_allow_guest = true;
+
 // Login user name and password
 // Users: array('Username' => 'Password', 'Username2' => 'Password2', ...)
 // Generate secure password hash - https://tinyfilemanager.github.io/docs/pwd.html
@@ -32,7 +35,7 @@ $auth_users = array(
 // Readonly users
 // e.g. array('users', 'guest', ...)
 $readonly_users = array(
-    'user'
+    'user', 'guest'
 );
 
 // Enable highlight.js (https://highlightjs.org/) on view's page
@@ -283,12 +286,12 @@ if ($use_auth) {
             } else {
                 unset($_SESSION[FM_SESSION_ID]['logged']);
                 fm_set_msg(lng('Login failed. Invalid username or password'), 'error');
-                fm_redirect(FM_SELF_URL);
+                fm_redirect(FM_SELF_URL . '?login=1');
             }
         } else {
             fm_set_msg(lng('password_hash not supported, Upgrade PHP version'), 'error');;
         }
-    } else {
+    } elseif(!$auth_allow_guest || $_GET['login'] ?? false) {
         // Form
         unset($_SESSION[FM_SESSION_ID]['logged']);
         fm_show_header_login();
@@ -351,6 +354,10 @@ if ($use_auth) {
     }
 }
 
+if($use_auth && $auth_allow_guest && !isset($_SESSION[FM_SESSION_ID]['logged'])){
+    $_SESSION[FM_SESSION_ID]['logged'] = 'guest';
+}
+
 // update root path
 if ($use_auth && isset($_SESSION[FM_SESSION_ID]['logged'])) {
     $root_path = isset($directories_users[$_SESSION[FM_SESSION_ID]['logged']]) ? $directories_users[$_SESSION[FM_SESSION_ID]['logged']] : $root_path;
@@ -3398,7 +3405,8 @@ function fm_show_nav_path($path)
                             <a title="<?php echo lng('Settings') ?>" class="dropdown-item nav-link" href="?p=<?php echo urlencode(FM_PATH) ?>&amp;settings=1"><i class="fa fa-cog" aria-hidden="true"></i> <?php echo lng('Settings') ?></a>
                             <?php endif ?>
                             <a title="<?php echo lng('Help') ?>" class="dropdown-item nav-link" href="?p=<?php echo urlencode(FM_PATH) ?>&amp;help=2"><i class="fa fa-exclamation-circle" aria-hidden="true"></i> <?php echo lng('Help') ?></a>
-                            <a title="<?php echo lng('Logout') ?>" class="dropdown-item nav-link" href="?logout=1"><i class="fa fa-sign-out" aria-hidden="true"></i> <?php echo lng('Logout') ?></a>
+                            <?php $is_guest = $_SESSION[FM_SESSION_ID]['logged'] == 'guest' ?>
+                            <a title="<?php echo $is_guest ? lng('Login') : lng('Logout') ?>" class="dropdown-item nav-link" href=<?php echo $is_guest ? "?login=1": "?logout=1" ?>><i class="fa fa-sign-out" aria-hidden="true"></i> <?php echo $is_guest ? lng('Login') : lng('Logout') ?></a>
                         </div>
                     </li>
                     <?php else: ?>