if (!SINGLE_USER_MODE) {
$user_id = false;
+ $auth_module = false;
foreach (PluginHost::getInstance()->get_hooks(PluginHost::HOOK_AUTH_USER) as $plugin) {
$user_id = (int) $plugin->authenticate($login, $password);
if ($user_id) {
- $_SESSION["auth_module"] = strtolower(get_class($plugin));
+ $auth_module = strtolower(get_class($plugin));
break;
}
}
if ($user_id && !$check_only) {
+ /* if a session is started here there's a stale login cookie we need to clean */
+
if (session_status() != PHP_SESSION_NONE) {
- session_destroy();
- session_commit();
+ $_SESSION["login_error_msg"] = __("Stale session cookie found, try logging in again");
+ return false;
}
session_regenerate_id(true);
$_SESSION["uid"] = $user_id;
$_SESSION["version"] = VERSION_STATIC;
+ $_SESSION["auth_module"] = $auth_module;
$pdo = DB::pdo();
$sth = $pdo->prepare("SELECT login,access_level,pwd_hash FROM ttrss_users
git.wh0rd.org / tt-rss.git / blobdiff