mirror of
https://github.com/Piwigo/Piwigo.git
synced 2026-07-06 09:52:29 +02:00
bug 451 fixed: problem with auto login
- add an auto_login_key in users_table
- $conf['session_length'] is no more useful
and sessions length will be 0 (until browser closed)
- add $conf['remember_me_name'] for cookie remember name
git-svn-id: http://piwigo.org/svn/trunk@1493 68402e56-0260-453c-a942-63ccdbb3a9ee
This commit is contained in:
@@ -312,13 +312,13 @@ $conf['session_save_handler'] = 'db';
|
||||
// creates a cookie on client side.
|
||||
$conf['authorize_remembering'] = true;
|
||||
|
||||
// remember_me_name: specifies the name of the cookie used to stay logged
|
||||
$conf['remember_me_name'] = 'pwg_remember';
|
||||
|
||||
// remember_me_length : time of validity for "remember me" cookies, in
|
||||
// seconds.
|
||||
$conf['remember_me_length'] = 31536000;
|
||||
|
||||
// session_length : time of validity for normal session, in seconds.
|
||||
$conf['session_length'] = 3600;
|
||||
|
||||
// +-----------------------------------------------------------------------+
|
||||
// | debug |
|
||||
// +-----------------------------------------------------------------------+
|
||||
|
||||
@@ -71,11 +71,8 @@ if (isset($conf['session_save_handler'])
|
||||
ini_set('session.use_only_cookies', $conf['session_use_only_cookies']);
|
||||
ini_set('session.use_trans_sid', intval($conf['session_use_trans_sid']));
|
||||
}
|
||||
session_name( $conf['session_name'] );
|
||||
session_set_cookie_params(
|
||||
ini_get('session.cookie_lifetime'),
|
||||
cookie_path()
|
||||
);
|
||||
session_name($conf['session_name']);
|
||||
session_set_cookie_params(0, cookie_path());
|
||||
}
|
||||
|
||||
// cookie_path returns the path to use for the PhpWebGallery cookie.
|
||||
|
||||
@@ -551,12 +551,34 @@ function get_language_filepath($filename)
|
||||
function log_user($user_id, $remember_me)
|
||||
{
|
||||
global $conf;
|
||||
$session_length = $conf['session_length'];
|
||||
|
||||
if ($remember_me)
|
||||
{
|
||||
$session_length = $conf['remember_me_length'];
|
||||
// search for an existing auto_login_key
|
||||
$query = '
|
||||
SELECT auto_login_key
|
||||
FROM '.USERS_TABLE.'
|
||||
WHERE '.$conf['user_fields']['id'].' = '.$user_id.'
|
||||
;';
|
||||
|
||||
$auto_login_key = current(mysql_fetch_assoc(pwg_query($query)));
|
||||
if (empty($auto_login_key))
|
||||
{
|
||||
$auto_login_key = base64_encode(md5(uniqid(rand(), true)));
|
||||
$query = '
|
||||
UPDATE '.USERS_TABLE.'
|
||||
SET auto_login_key=\''.$auto_login_key.'\'
|
||||
WHERE '.$conf['user_fields']['id'].' = '.$user_id.'
|
||||
;';
|
||||
pwg_query($query);
|
||||
}
|
||||
$cookie = array('id' => $user_id, 'key' => $auto_login_key);
|
||||
setcookie($conf['remember_me_name'],
|
||||
serialize($cookie),
|
||||
time()+$conf['remember_me_length'],
|
||||
cookie_path()
|
||||
);
|
||||
}
|
||||
session_set_cookie_params($session_length);
|
||||
session_start();
|
||||
$_SESSION['pwg_uid'] = $user_id;
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user