Session: Block access for all to session's about page -refs BT#21298

2 years ago · e512dd2411
parent c5c9b33787
commit e512dd2411
2 changed files with 4 additions and 1 deletions
--- a/main/install/configuration.dist.php
+++ b/main/install/configuration.dist.php
@ -2521,3 +2521,6 @@ INSERT INTO extra_field_options (field_id, option_value, display_text, priority,
 // login/passwords in the main login form. Browsers might choose not to
 // support this feature.
 //$_configuration['security_login_autocomplete_disable'] = false;
+
+// Block session about page access for all users
+// $_configuration['session_about_block_all_access'] = false;
--- a/main/session/about.php
+++ b/main/session/about.php
@ -20,7 +20,7 @@ $cidReset = true;

 require_once __DIR__.'/../inc/global.inc.php';

-if (api_get_setting('course_catalog_published') != 'true' && api_is_anonymous()) {
+if ((api_get_setting('course_catalog_published') != 'true' && api_is_anonymous()) || api_get_configuration_value('session_about_block_all_access') == 'true') {
    api_not_allowed(true);
 }