From: Andrew Dolgov <fox@bah.spb.su>
Date: Thu, 1 Mar 2007 13:33:29 +0000 (+0100)
Subject: login system fixes (4)
X-Git-Tag: 1.2.9~69
X-Git-Url: https://git.wh0rd.org/?a=commitdiff_plain;h=c12510cd4d26a1432c9e578063d98db80fff9fe1;p=tt-rss.git

login system fixes (4)
---

diff --git a/functions.php b/functions.php
index ada1b716..5f7565f7 100644
--- a/functions.php
+++ b/functions.php
@@ -1191,7 +1191,7 @@
 				}
 			}
 
-			if ($_COOKIE["ttrss_sid"]) {
+			if ($_COOKIE[get_session_cookie_name()]) {
 				require_once "sessions.php";
 			}
 
@@ -1204,7 +1204,7 @@
 			$login_action = $_POST["login_action"];
 
 			# try to authenticate user if called from login form			
-			if ($login_action == "do_login") {
+			if ($login_action == "do_login" && !$_SESSION["uid"]) {
 				$login = $_POST["login"];
 				$password = $_POST["password"];
 				$remember_me = $_POST["remember_me"];
@@ -1217,6 +1217,8 @@
 
 				require_once "sessions.php";
 
+				session_regenerate_id();
+
 				if (authenticate_user($link, $login, $password)) {
 					$_POST["password"] = "";