]> git.wh0rd.org Git - tt-rss.git/commitdiff
login system fixes...
authorAndrew Dolgov <fox@bah.spb.su>
Fri, 2 Mar 2007 11:05:17 +0000 (12:05 +0100)
committerAndrew Dolgov <fox@bah.spb.su>
Fri, 2 Mar 2007 11:05:17 +0000 (12:05 +0100)
backend.php
functions.php
login_form.php
prefs.php
sessions.php
tt-rss.php

index 67bdabb56fe788ced67f360c352ebf516b064d86..656dcbf9c2155ee4618ddd3a4755d3702886844e 100644 (file)
@@ -2,11 +2,9 @@
        require_once "sessions.php";
        require_once "modules/backend-rpc.php";
        
-       header("Cache-Control: no-cache, must-revalidate");
-       header("Cache-Control: no-cache, must-revalidate");
-
+       header("Cache-Control: no-cache, max-age=0, must-revalidate");
        header("Pragma: no-cache");
-       header("Expires: -1");
+       header("Expires: " . gmdate("D, d M Y H:i:s", time()) . " GMT");
        
 /*     if ($_GET["debug"]) {
                define('DEFAULT_ERROR_LEVEL', E_ALL);
index 98bfc2e64588530af85eae207367f17b45093d9f..49955b63f0cb267891f2a58602193b0c9645f26b 100644 (file)
                                }
                        }
 
-/*                     if ($_COOKIE[get_session_cookie_name()]) {
-                               require_once "sessions.php";
-} */
-
                        $login_action = $_POST["login_action"];
 
-/*                     if (!validate_session($link) && $login_action != "do_login") {
-                               logout_user();
-                               render_login_form($link);
-                               exit;
-} */
-
-                       $session_started = false;
-
                        # try to authenticate user if called from login form                    
                        if ($login_action == "do_login") {
                                $login = $_POST["login"];
                                $password = $_POST["password"];
                                $remember_me = $_POST["remember_me"];
 
-                               if ($remember_me) {
-                                       session_set_cookie_params(SESSION_COOKIE_LIFETIME_REMEMBER);
-                               } else {
-                                       session_set_cookie_params(SESSION_COOKIE_LIFETIME);
-                               }
-
-                               require_once "sessions.php";
-
-                               $session_started = true;
-
                                if (authenticate_user($link, $login, $password)) {
                                        $_POST["password"] = "";
 
-                                       if ($remember_me) {
-                                               $_SESSION["cookie_lifetime"] = time() + 
-                                                       SESSION_COOKIE_LIFETIME_REMEMBER;
-                                       } else if (SESSION_COOKIE_LIFETIME) {
-                                               $_SESSION["cookie_lifetime"] = time() + SESSION_COOKIE_LIFETIME;
-                                       }
-
-                                       setcookie("ttrss_cltime", $_SESSION["cookie_lifetime"], 
-                                               $_SESSION["cookie_lifetime"]);
-
                                        header("Location: " . $_SERVER["REQUEST_URI"]);
                                        exit;
 
                                }
                        }
 
-                       if (!$session_started) {
-                               require_once "sessions.php";
-                       }
+//                     print session_id();
+//                     print_r($_SESSION);
 
                        if (!$_SESSION["uid"] || !validate_session($link)) {
                                render_login_form($link);
                                exit;
                        }
 
+
                } else {
-                       require_once "sessions.php";
                        return authenticate_user($link, "admin", null);
                }
        }
index 0ecf3cc120837df4cc503dc8ad04dba7598a2f97..7ee53eb90a13e50441c033186523e685880b5282 100644 (file)
@@ -50,10 +50,10 @@ window.onload = init;
                        <td align="right"><input name="login"></td></tr>
                        <tr><td align="right">Password:</td>
                        <td align="right"><input type="password" name="password"></td></tr>
-                       <tr><td colspan="2">
+                       <!-- <tr><td colspan="2">
                                <input type="checkbox" name="remember_me" id="remember_me">
                                <label for="remember_me">Remember me on this computer</label>
-                       </td></tr>
+                       </td></tr> -->
                        <tr><td colspan="2" align="right" class="innerLoginCell">
                                <input type="submit" class="button" value="Login">
                                <input type="hidden" name="action" value="login">
index 420bc086784634afea26b54e7376e98c475382e0..ad77d86621b21b2c0bf7ab752bb951874e77ce0e 100644 (file)
--- a/prefs.php
+++ b/prefs.php
@@ -1,6 +1,6 @@
 <?php
        require_once "functions.php"; 
-//     require_once "sessions.php";
+       require_once "sessions.php";
        require_once "sanity_check.php";
        require_once "version.php"; 
        require_once "config.php";
 
        $dt_add = get_script_dt_add();
 
+       header("Cache-Control: no-cache, max-age=0, must-revalidate");
+       header("Pragma: no-cache");
+       header("Expires: " . gmdate("D, d M Y H:i:s", time()) . " GMT");
+
 ?>
 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" 
        "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
index e1356262807bf3d8c7cc586956934948055b314f..608323a43f0b1bbec3d3c7db7d5e88dce15f72bd 100644 (file)
@@ -95,7 +95,7 @@
                session_set_save_handler("open", "close", "read", "write", "destroy", "gc");
        }
 
-//     session_set_cookie_params(SESSION_COOKIE_LIFETIME_REMEMBER);
+       session_set_cookie_params(SESSION_COOKIE_LIFETIME);
 
        session_start();
 ?>
index f39396eca251eeb94d09a1ed7fae7b6c0e89174e..ab850f2f44deb11b8f30c0ba509a9dcab7d24aff 100644 (file)
@@ -1,6 +1,6 @@
 <?php
        require_once "functions.php"; 
-//     require_once "sessions.php";
+       require_once "sessions.php";
        require_once "sanity_check.php";
        require_once "version.php"; 
        require_once "config.php";
 
        $dt_add = get_script_dt_add();
 
+       header("Cache-Control: no-cache, max-age=0, must-revalidate");
+       header("Pragma: no-cache");
+       header("Expires: " . gmdate("D, d M Y H:i:s", time()) . " GMT");
+
 ?>
 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" 
        "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">