iarv/Piwigo
1
0
Fork 0
mirror of https://github.com/Piwigo/Piwigo.git synced 2026-03-28 17:42:57 +01:00
Code Issues Packages Projects Releases Wiki Activity

Fix bug 451: Auto login does not work properly

Browse Source 
svn merge r1492:1493 from trunk
svn merge r1510:1511 from trunk
svn merge r1521:1522 from trunk
svn merge r1523:1524 from trunk
svn merge r1525:1526 from trunk
auto_login key add to users table:
- add update script
- update upgrade_1.5.0.php script

(related to svn:1553)


git-svn-id: http://piwigo.org/svn/branches/branch-1_6@1554 68402e56-0260-453c-a942-63ccdbb3a9ee
This commit is contained in:
nikrou
2006-10-04 20:50:20 +00:00
parent cbf63ed4e2
commit d5b1c1be9e
9 changed files with 167 additions and 32 deletions
Download Patch File Download Diff File Expand all files Collapse all files

62
include/functions_user.inc.php
View File

@@ -550,15 +550,69 @@ function get_language_filepath($filename)
*/
function log_user($user_id, $remember_me)
{
global $conf;
$session_length = $conf['session_length'];
global $conf, $user;
if ($remember_me)
{
$session_length = $conf['remember_me_length'];
// search for an existing auto_login_key
$query = '
SELECT auto_login_key
FROM '.USERS_TABLE.'
WHERE '.$conf['user_fields']['id'].' = '.$user_id.'
;';
$auto_login_key = current(mysql_fetch_assoc(pwg_query($query)));
if (empty($auto_login_key))
{
$auto_login_key = base64_encode(md5(uniqid(rand(), true)));
$query = '
UPDATE '.USERS_TABLE.'
SET auto_login_key=\''.$auto_login_key.'\'
WHERE '.$conf['user_fields']['id'].' = '.$user_id.'
;';
pwg_query($query);
}
$cookie = array('id' => $user_id, 'key' => $auto_login_key);
setcookie($conf['remember_me_name'],
serialize($cookie),
time()+$conf['remember_me_length'],
cookie_path()
);
}
session_set_cookie_params($session_length);
session_start();
$_SESSION['pwg_uid'] = $user_id;
$user['id'] = $_SESSION['pwg_uid'];
$user['is_the_guest'] = false;
}
/*
* Performs auto-connexion when cookie remember_me exists
* @return void
*/
function auto_login() {
global $conf;
// must remove slash added in include/common.inc.php
$cookie = unserialize(stripslashes($_COOKIE[$conf['remember_me_name']]));
$query = '
SELECT auto_login_key
FROM '.USERS_TABLE.'
WHERE '.$conf['user_fields']['id'].' = '.$cookie['id'].'
;';
$auto_login_key = current(mysql_fetch_assoc(pwg_query($query)));
if ($auto_login_key == $cookie['key'])
{
log_user($cookie['id'], false);
redirect(make_index_url());
}
else
{
setcookie($conf['remember_me_name'], '', 0, cookie_path());
redirect(make_index_url());
}
}
/*