Remove code to allow unsafe authentication

This commit is contained in:
Stanislas Dolcini 2018-10-05 19:44:49 +02:00
parent d5f2c226ca
commit 519fd1f843

View file

@ -204,16 +204,8 @@ class ConnectionHandler
$permission = mysqli_fetch_assoc($result); $permission = mysqli_fetch_assoc($result);
if (!strstr($permission['AccessPrivilege'], $accessPriv)) { if (!strstr($permission['AccessPrivilege'], $accessPriv)) {
// no right to connect
if ($AcceptUnknownUser) {
// set an additionnal privilege for this player
$query = "UPDATE permission set AccessPrivilege='" . $permission['AccessPrivilege'] . ",$accessPriv' WHERE PermissionId=" . $permission['PermissionId'];
$result = mysqli_query($link, $query) or die(errorMsgBlock(3006, $query, 'main', $DBName, $DBHost, $DBUserName, mysqli_error($link)));
$reason = errorMsg(3012, $accessPriv);
} else {
// no permission // no permission
$reason = errorMsg(3013, $clientApplication, $domainName, $accessPriv); $reason = errorMsg(3013, $clientApplication, $domainName, $accessPriv);
}
} else { } else {
// // check if the user not already online // // check if the user not already online
// if ($row["State"] != "Offline") { // if ($row["State"] != "Offline") {