From: Andrew Dolgov <fox@bah.spb.su>
Date: Thu, 1 Mar 2007 12:09:05 +0000 (+0100)
Subject: login system fixes
X-Git-Tag: 1.2.9~73
X-Git-Url: https://git.wh0rd.org/?a=commitdiff_plain;h=d620cfe70afc35bae4f8c2d92798448812701554;p=tt-rss.git

login system fixes
---

diff --git a/functions.js b/functions.js
index f4c8ee1c..35b1e131 100644
--- a/functions.js
+++ b/functions.js
@@ -56,7 +56,7 @@ function logout_callback() {
 	var container = document.getElementById('notify');
 	if (xmlhttp.readyState == 4) {
 		try {
-			window.location.reload(true);
+			window.location.href = "tt-rss.php";
 		} catch (e) {
 			exception_error("logout_callback", e);
 		}
diff --git a/functions.php b/functions.php
index 17069635..59086506 100644
--- a/functions.php
+++ b/functions.php
@@ -1167,6 +1167,15 @@
 				}
 			}
 		}
+
+		if ($_SESSION["cookie_lifetime"] && $_SESSION["uid"]) {
+
+#			print time() . " vs " .  $_SESSION["cookie_lifetime"];
+
+			if (time() > $_SESSION["cookie_lifetime"]) {
+				return false;
+			}
+		}
 		return true;
 	}
 
@@ -1193,9 +1202,24 @@
 			if ($login_action == "do_login") {
 				$login = $_POST["login"];
 				$password = $_POST["password"];
+				$remember_me = $_POST["remember_me"];
 
 				if (authenticate_user($link, $login, $password)) {
 					$_POST["password"] = "";
+
+					if ($remember_me) {
+						$_SESSION["cookie_lifetime"] = time() + 
+							SESSION_COOKIE_LIFETIME_REMEMBER;
+					} else {
+						$_SESSION["cookie_lifetime"] = time() + SESSION_COOKIE_LIFETIME;
+					}
+
+					setcookie("ttrss_cltime", $_SESSION["cookie_lifetime"], 
+						$_SESSION["cookie_lifetime"]);
+
+					header("Location: " . $_SERVER["REQUEST_URI"]);
+					exit;
+
 					return;
 				}
 			}
@@ -1204,6 +1228,7 @@
 				render_login_form($link);
 				exit;
 			}
+
 		} else {
 			return authenticate_user($link, "admin", null);
 		}
diff --git a/sessions.php b/sessions.php
index aab945d4..c2854e04 100644
--- a/sessions.php
+++ b/sessions.php
@@ -91,11 +91,11 @@
 		db_query($session_connection, $query);
 	}
 
-//	session_set_cookie_params(SESSION_COOKIE_LIFETIME);
-
 	if (DATABASE_BACKED_SESSIONS) {
 		session_set_save_handler("open", "close", "read", "write", "destroy", "gc");
 	}
-	
+
+	session_set_cookie_params(SESSION_COOKIE_LIFETIME_REMEMBER);
+
 	session_start();
 ?>