[dev] inconsistent usage of Horde::fatal('Forbidden.', FILE, LINE) and Horde::authenticationFailureRedirect() in the administration pages

Mon Nov 1 13:58:56 UTC 2010

Zitat von Ralf Lang <lang at b1-systems.de>:

> When editing the administration pages for  
> http://bugs.horde.org/ticket/9350, I
> noticed that some admin pages call
>      Horde::fatal('Forbidden.', __FILE__, __LINE__)
> which presents the user a white screen with an error message while most admin
> pages would call
>      Horde::authenticationFailureRedirect();
>
> I don't understand what are the reasons for the different implementations. On
> the channel I was advised not to patch the Horde::fatal calls to
> authenticationFailure

authenticationFailureRedirect() is logging the user out, which is not  
necessarily what we want on unauthorized access to the admin pages. It  
would be great if you could make another patch that replaces those  
calls with Horde::fatal() calls.

Jan.

-- 
Do you need professional PHP or Horde consulting?
http://horde.org/consulting/

[dev] inconsistent usage of Horde::fatal('Forbidden.', __FILE__, __LINE__) and Horde::authenticationFailureRedirect() in the administration pages

[dev] inconsistent usage of Horde::fatal('Forbidden.', FILE, LINE) and Horde::authenticationFailureRedirect() in the administration pages