X-Git-Url: https://code.citadel.org/?a=blobdiff_plain;f=ctdlphp%2Fctdlheader.php;h=48ca29c559ffb13e92957e616ae364289b2d8a9b;hb=d2f01e044da76bf55d068f20beb2e12e8939fbe3;hp=2bf55be696a76b0ecc30a164290c40aa80a932ea;hpb=e1822b173e750dbe4e495fe7031cadf4c9ee00e1;p=citadel.git

diff --git a/ctdlphp/ctdlheader.php b/ctdlphp/ctdlheader.php
index 2bf55be69..48ca29c55 100644
--- a/ctdlphp/ctdlheader.php
+++ b/ctdlphp/ctdlheader.php
@@ -15,12 +15,27 @@ include "ctdlprotocol.php";
 function bbs_page_header() {
 	global $session;
 
-	if(strcmp('4.3.0', phpversion()) > 0) {
+	if (strcmp('4.3.0', phpversion()) > 0) {
 		die("This program requires PHP 4.3.0 or newer.");
 	}
 
 	establish_citadel_session();
 
+	// If the user is trying to call up any page other than
+	// login.php logout.php do_login.php,
+	// and the session is not logged in, redirect to login.php
+	//
+	if ($_SESSION["logged_in"] != 1) {
+		$filename = basename(getenv('SCRIPT_NAME'));
+		if (	(strcmp($filename, "login.php"))
+		   &&	(strcmp($filename, "logout.php"))
+		   &&	(strcmp($filename, "do_login.php"))
+		) {
+			header("Location: login.php");
+			exit(0);
+		}
+	}
+
 	echo <<<LITERAL
 
 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">