From 73d6522359a3f4cf80ae6060818405440454ee69 Mon Sep 17 00:00:00 2001
From: Florian Azizian <florian.azizian@maarch.org>
Date: Mon, 29 Dec 2014 10:09:14 +0000
Subject: [PATCH] FIX #1780 check session userId before display

---
 maarch_entreprise/trunk/index.php | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/maarch_entreprise/trunk/index.php b/maarch_entreprise/trunk/index.php
index 980cb355fd1..24751dab73c 100644
--- a/maarch_entreprise/trunk/index.php
+++ b/maarch_entreprise/trunk/index.php
@@ -106,12 +106,7 @@ foreach ($_REQUEST as $name => $value) {
     }
 }
 
-if (isset($_REQUEST['display'])) {
-     $core->insert_page();
-     exit();
-}
-
-if (! isset($_SESSION['user']['UserId'])) {
+if (! isset($_SESSION['user']['UserId']) && $_REQUEST['page'] <> 'login' && $_REQUEST['page'] <> 'log' ) {
 
     $_SESSION['HTTP_REFERER'] = Url::requestUri();
     if (trim($_SERVER['argv'][0]) <> '') {
@@ -122,6 +117,11 @@ if (! isset($_SESSION['user']['UserId'])) {
     exit();
 }
 
+if (isset($_REQUEST['display'])) {
+     $core->insert_page();
+     exit();
+}
+
 if (isset($_GET['show'])) {
     $show = $_GET['show'];
 } else {
-- 
GitLab