From c69f166122af5acb2e8f7b4abbe7d15574f4c6b2 Mon Sep 17 00:00:00 2001
From: deuce <>
Date: Wed, 18 Jan 2006 18:18:38 +0000
Subject: [PATCH] Do not allow the Guest user to login using login.ssjs (is
 auto-logged in for message area).  Fix typo, new URI should be /index.ssjs,
 not ../index.ssjs

---
 web/root/login.ssjs | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/web/root/login.ssjs b/web/root/login.ssjs
index f397c941ba..2f76959c17 100644
--- a/web/root/login.ssjs
+++ b/web/root/login.ssjs
@@ -1,14 +1,14 @@
-if(user.number==0) {
+if(user.number==0 || user.number==system.matchuser('Guest')) {
 	http_reply.status='401 Permission Denied';
 	http_reply.header["WWW-Authenticate"]='Basic realm="'+system.name+'"';
 }
 else {
 // Note: A 302 here would mean the index would be displayed as "/login.ssjs"
-// That is to say, it would display the indes AS login.ssjs.
+// That is to say, it would display the index AS login.ssjs.
 	// http_reply.status='302 Found';
 	http_reply.status='307 Temporary Redirect';
 }
-http_reply.header.location='../index.ssjs';
+http_reply.header.location='/index.ssjs';
 http_reply.header.pragma='no-cache';
 http_reply.header.expires='0';
 http_reply.header['cache-control']='must-revalidate';
-- 
GitLab