From: Andrew Dolgov Date: Thu, 1 Mar 2007 12:09:05 +0000 (+0100) Subject: login system fixes X-Git-Tag: 1.2.9~73 X-Git-Url: https://git.wh0rd.org/?a=commitdiff_plain;h=d620cfe70afc35bae4f8c2d92798448812701554;p=tt-rss.git login system fixes --- diff --git a/functions.js b/functions.js index f4c8ee1c..35b1e131 100644 --- a/functions.js +++ b/functions.js @@ -56,7 +56,7 @@ function logout_callback() { var container = document.getElementById('notify'); if (xmlhttp.readyState == 4) { try { - window.location.reload(true); + window.location.href = "tt-rss.php"; } catch (e) { exception_error("logout_callback", e); } diff --git a/functions.php b/functions.php index 17069635..59086506 100644 --- a/functions.php +++ b/functions.php @@ -1167,6 +1167,15 @@ } } } + + if ($_SESSION["cookie_lifetime"] && $_SESSION["uid"]) { + +# print time() . " vs " . $_SESSION["cookie_lifetime"]; + + if (time() > $_SESSION["cookie_lifetime"]) { + return false; + } + } return true; } @@ -1193,9 +1202,24 @@ if ($login_action == "do_login") { $login = $_POST["login"]; $password = $_POST["password"]; + $remember_me = $_POST["remember_me"]; if (authenticate_user($link, $login, $password)) { $_POST["password"] = ""; + + if ($remember_me) { + $_SESSION["cookie_lifetime"] = time() + + SESSION_COOKIE_LIFETIME_REMEMBER; + } else { + $_SESSION["cookie_lifetime"] = time() + SESSION_COOKIE_LIFETIME; + } + + setcookie("ttrss_cltime", $_SESSION["cookie_lifetime"], + $_SESSION["cookie_lifetime"]); + + header("Location: " . $_SERVER["REQUEST_URI"]); + exit; + return; } } @@ -1204,6 +1228,7 @@ render_login_form($link); exit; } + } else { return authenticate_user($link, "admin", null); } diff --git a/sessions.php b/sessions.php index aab945d4..c2854e04 100644 --- a/sessions.php +++ b/sessions.php @@ -91,11 +91,11 @@ db_query($session_connection, $query); } -// session_set_cookie_params(SESSION_COOKIE_LIFETIME); - if (DATABASE_BACKED_SESSIONS) { session_set_save_handler("open", "close", "read", "write", "destroy", "gc"); } - + + session_set_cookie_params(SESSION_COOKIE_LIFETIME_REMEMBER); + session_start(); ?>