Disable enhancedauth by default

Admins can still enable it via config.php
2012-10-22 23:04:39 +02:00 · 2012-10-22 23:04:39 +02:00 · 65619af05b
parent b879cd709e
commit 65619af05b
2 changed files with 4 additions and 4 deletions
--- a/lib/json.php
+++ b/lib/json.php
@ -83,7 +83,7 @@ class OC_JSON{
 	* Check if the user verified the login with his password
 	*/
 	public static function verifyUser() {
-		if(OC_Config::getValue('enhancedauth', true) === true) {
+		if(OC_Config::getValue('enhancedauth', false) === true) {
 			if(!isset($_SESSION['verifiedLogin']) OR $_SESSION['verifiedLogin'] < time()) {
 				$l = OC_L10N::get('lib');
 				self::error(array( 'data' => array( 'message' => $l->t('Authentication error') )));
--- a/lib/util.php
+++ b/lib/util.php
@ -398,7 +398,7 @@ class OC_Util {
 	* If not, the user will be shown a password verification page
 	*/
 	public static function verifyUser() {
-		if(OC_Config::getValue('enhancedauth', true) === true) {
+		if(OC_Config::getValue('enhancedauth', false) === true) {
 					// Check password to set session
 			if(isset($_POST['password'])) {
 				if (OC_User::login(OC_User::getUser(), $_POST["password"] ) === true) {
@ -419,12 +419,12 @@ class OC_Util {
 	* @return bool
 	*/
 	public static function isUserVerified() {
-		if(OC_Config::getValue('enhancedauth', true) === true) {
+		if(OC_Config::getValue('enhancedauth', false) === true) {
 			if(!isset($_SESSION['verifiedLogin']) OR $_SESSION['verifiedLogin'] < time()) {
 				return false;
 			}
-			return true;
 		}
+		return true;
 	}
 	
 	/**