add yet another workaround for stuck login due to session cookies

diff --git a/classes/handler/public.php b/classes/handler/public.php
index 51e50adc893b9de5744785c8f5424e7cdabefaf5..798e96343ceb98e441c19d8ab4ab4f3c40854b95 100644 (file)
--- a/classes/handler/public.php
+++ b/classes/handler/public.php
@@ -492,9 +492,6 @@ class Handler_Public extends Handler {
        }
 
        function login() {
-               @session_destroy();
-               @session_start();
-
                $_SESSION["prefs_cache"] = array();
 
                if (!SINGLE_USER_MODE) {
@@ -503,6 +500,8 @@ class Handler_Public extends Handler {
                        $password = $_POST["password"];
                        $remember_me = $_POST["remember_me"];
 
+                       @session_start();
+
                        if (authenticate_user($this->link, $login, $password)) {
                                $_POST["password"] = "";
 

diff --git a/include/sessions.php b/include/sessions.php
index a83daea82489d77ba561f4f4e2b37513eb56bd48..acb2fc38df78f1f7609d23f48eacd79c6f2dd48b 100644 (file)
--- a/include/sessions.php
+++ b/include/sessions.php
@@ -107,6 +107,13 @@
        if (!defined('TTRSS_SESSION_NAME') || TTRSS_SESSION_NAME != 'ttrss_api_sid') {
                if ($_COOKIE[$session_name]) {
                        @session_start();
+
+                       if (!$_SESSION["uid"]) {
+                               session_destroy();
+                               if (isset($_COOKIE[session_name()])) {
+                                  setcookie(session_name(), '', time()-42000, '/');
+                               }
+                       }
                }
        }
 ?>