diff options
| -rw-r--r-- | controllers/base.php | 17 |
1 files changed, 13 insertions, 4 deletions
diff --git a/controllers/base.php b/controllers/base.php index f0ae5bd2..5c48d927 100644 --- a/controllers/base.php +++ b/controllers/base.php @@ -40,16 +40,25 @@ abstract class Base $this->board = new \Model\Board; } - public function beforeAction($controller, $action) + private function noAuthAllowed($controller, $action) { - $this->session->open(); - $public = array( 'user' => array('login', 'check'), 'task' => array('add'), ); - if (! isset($_SESSION['user']) && ! isset($public[$controller]) && ! in_array($action, $public[$controller])) { + if (isset($public[$controller])) { + return in_array($action, $public[$controller]); + } + + return false; + } + + public function beforeAction($controller, $action) + { + $this->session->open(dirname($_SERVER['PHP_SELF'])); + + if (! isset($_SESSION['user']) && ! $this->noAuthAllowed($controller, $action)) { $this->response->redirect('?controller=user&action=login'); } |