bug 451 fixed: problem with auto login

- add an auto_login_key in users_table
- $conf['session_length'] is no more useful 
    and sessions length will be 0 (until browser closed)
- add $conf['remember_me_name'] for cookie remember name


git-svn-id: http://piwigo.org/svn/trunk@1493 68402e56-0260-453c-a942-63ccdbb3a9ee
This commit is contained in:
nikrou
2006-07-23 15:25:49 +00:00
parent e3c4d79f5b
commit 5d06d43541
6 changed files with 107 additions and 12 deletions
+3 -3
View File
@@ -312,13 +312,13 @@ $conf['session_save_handler'] = 'db';
// creates a cookie on client side.
$conf['authorize_remembering'] = true;
// remember_me_name: specifies the name of the cookie used to stay logged
$conf['remember_me_name'] = 'pwg_remember';
// remember_me_length : time of validity for "remember me" cookies, in
// seconds.
$conf['remember_me_length'] = 31536000;
// session_length : time of validity for normal session, in seconds.
$conf['session_length'] = 3600;
// +-----------------------------------------------------------------------+
// | debug |
// +-----------------------------------------------------------------------+
+2 -5
View File
@@ -71,11 +71,8 @@ if (isset($conf['session_save_handler'])
ini_set('session.use_only_cookies', $conf['session_use_only_cookies']);
ini_set('session.use_trans_sid', intval($conf['session_use_trans_sid']));
}
session_name( $conf['session_name'] );
session_set_cookie_params(
ini_get('session.cookie_lifetime'),
cookie_path()
);
session_name($conf['session_name']);
session_set_cookie_params(0, cookie_path());
}
// cookie_path returns the path to use for the PhpWebGallery cookie.
+25 -3
View File
@@ -551,12 +551,34 @@ function get_language_filepath($filename)
function log_user($user_id, $remember_me)
{
global $conf;
$session_length = $conf['session_length'];
if ($remember_me)
{
$session_length = $conf['remember_me_length'];
// search for an existing auto_login_key
$query = '
SELECT auto_login_key
FROM '.USERS_TABLE.'
WHERE '.$conf['user_fields']['id'].' = '.$user_id.'
;';
$auto_login_key = current(mysql_fetch_assoc(pwg_query($query)));
if (empty($auto_login_key))
{
$auto_login_key = base64_encode(md5(uniqid(rand(), true)));
$query = '
UPDATE '.USERS_TABLE.'
SET auto_login_key=\''.$auto_login_key.'\'
WHERE '.$conf['user_fields']['id'].' = '.$user_id.'
;';
pwg_query($query);
}
$cookie = array('id' => $user_id, 'key' => $auto_login_key);
setcookie($conf['remember_me_name'],
serialize($cookie),
time()+$conf['remember_me_length'],
cookie_path()
);
}
session_set_cookie_params($session_length);
session_start();
$_SESSION['pwg_uid'] = $user_id;
}