- deletion of session_time and session_id_size as config parameter

- new feature : "remember me" creates a long time cookie - possibility to set the default authentication method to URI or cookie - really technical parameters (session identifier size, session duration) are set in the config file and not in database + configuration.php git-svn-id: http://piwigo.org/svn/trunk@541 68402e56-0260-453c-a942-63ccdbb3a9ee
2026-03-28 17:42:57 +01:00 · 2004-10-02 23:12:50 +00:00
parent da836ea95f
commit 3c8309a7e6
13 changed files with 173 additions and 121 deletions
--- a/identification.php
+++ b/identification.php
@@ -31,18 +31,40 @@ include_once( PHPWG_ROOT_PATH.'include/common.inc.php' );

 //-------------------------------------------------------------- identification
 $errors = array();
-if ( isset( $_POST['login'] ) )
+if (isset($_POST['login']))
 {
  // retrieving the encrypted password of the login submitted
-  $query = 'SELECT password';
-  $query.= ' FROM '.USERS_TABLE;
-  $query.= " WHERE username = '".$_POST['username']."';";
-  $row = mysql_fetch_array( mysql_query( $query ) );
-  if( $row['password'] == md5( $_POST['password'] ) )
+  $query = '
+SELECT id, password
+  FROM '.USERS_TABLE.'
+  WHERE username = \''.$_POST['username'].'\'
+;';
+  $row = mysql_fetch_array(mysql_query($query));
+  if ($row['password'] == md5($_POST['password']))
  {
-    $session_id = session_create( $_POST['username'] );
-    $url = 'category.php?id='.$session_id;
-    redirect( $url );
+    if ($conf['auth_method'] == 'cookie'
+        or isset($_POST['remember_me']) and $_POST['remember_me'] == 1)
+    {
+      if ($conf['auth_method'] == 'cookie')
+      {
+        $cookie_length = $conf['session_length'];
+      }
+      else if ($_POST['remember_me'] == 1)
+      {
+        $cookie_length = $conf['remember_me_length'];
+      }
+      session_create($row['id'],
+                     'cookie',
+                     $cookie_length);
+      redirect('category.php');
+    }
+    else if ($conf['auth_method'] == 'URI')
+    {
+      $session_id = session_create($row['id'],
+                                   'URI',
+                                   $conf['session_length']);
+      redirect('category.php?id='.$session_id);
+    }
  }
  else
  {
@@ -68,7 +90,8 @@ $template->assign_vars(
    'L_LOGIN' => $lang['submit'],
    'L_GUEST' => $lang['ident_guest_visit'],
    'L_REGISTER' => $lang['ident_register'],
-    'L_FORGET' => $lang['ident_forgotten_password'], 
+    'L_FORGET' => $lang['ident_forgotten_password'],
+    'L_REMEMBER_ME'=>$lang['remember_me'],
    
    'T_STYLE' => $user['template'],