mirror of
https://github.com/prasathmani/tinyfilemanager
synced 2024-04-27 11:42:00 +02:00
Fixes ajax ability to handle requests when auth disabled (#952)
This commit is contained in:
parent
9c4d30d7b5
commit
dd1ba6795c
|
@ -423,7 +423,7 @@ unset($p, $use_auth, $iconv_input_encoding, $use_highlightjs, $highlightjs_style
|
|||
/*************************** ACTIONS ***************************/
|
||||
|
||||
// Handle all AJAX Request
|
||||
if (isset($_SESSION[FM_SESSION_ID]['logged'], $auth_users[$_SESSION[FM_SESSION_ID]['logged']]) && isset($_POST['ajax'], $_POST['token']) && !FM_READONLY) {
|
||||
if ((isset($_SESSION[FM_SESSION_ID]['logged'], $auth_users[$_SESSION[FM_SESSION_ID]['logged']]) || !FM_USE_AUTH) && isset($_POST['ajax'], $_POST['token']) && !FM_READONLY) {
|
||||
if(!verifyToken($_POST['token'])) {
|
||||
header('HTTP/1.0 401 Unauthorized');
|
||||
die("Invalid Token.");
|
||||
|
|
Loading…
Reference in a new issue