Session fix when form + HTTP auth are used (#2286)

https://github.com/Alkarex/FreshRSS/commit/bf51c82d55f6bf1af2a6464ca4f148d6c613d28f https://github.com/FreshRSS/FreshRSS/issues/2125#issuecomment-473873922
author: Alexandre Alapetite <alexandre@alapetite.fr> 2019-03-20 17:52:31 +0100
committer: GitHub <noreply@github.com> 2019-03-20 17:52:31 +0100
commit: e84a90943ab1e4a254b2d33c7cabef18b718b456 (patch)
tree: 9636c2609497fc5b1e66408c112a9275c95384b6 /app/Models/Auth.php
parent: 707388c09334364d085c598f6b483175a51d7d19 (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/app/Models/Auth.php b/app/Models/Auth.php
index 513a9cb2f..16a506f00 100644
--- a/app/Models/Auth.php
+++ b/app/Models/Auth.php
@@ -13,7 +13,7 @@ class FreshRSS_Auth {
 	 * This method initializes authentication system.
 	 */
 	public static function init() {
-		if (Minz_Session::param('REMOTE_USER', '') !== httpAuthUser()) {
+		if (isset($_SESSION['REMOTE_USER']) && $_SESSION['REMOTE_USER'] !== httpAuthUser()) {
 			//HTTP REMOTE_USER has changed
 			self::removeAccess();
 		}
author	Alexandre Alapetite <alexandre@alapetite.fr>	2019-03-20 17:52:31 +0100
committer	GitHub <noreply@github.com>	2019-03-20 17:52:31 +0100
commit	e84a90943ab1e4a254b2d33c7cabef18b718b456 (patch)
tree	9636c2609497fc5b1e66408c112a9275c95384b6 /app/Models/Auth.php
parent	707388c09334364d085c598f6b483175a51d7d19 (diff)