login system fixes...

This commit is contained in:
Andrew Dolgov 2007-03-02 12:05:17 +01:00
parent 7f0acba7b0
commit 1df0f48b21
6 changed files with 18 additions and 45 deletions

View file

@ -2,11 +2,9 @@
require_once "sessions.php";
require_once "modules/backend-rpc.php";
header("Cache-Control: no-cache, must-revalidate");
header("Cache-Control: no-cache, must-revalidate");
header("Cache-Control: no-cache, max-age=0, must-revalidate");
header("Pragma: no-cache");
header("Expires: -1");
header("Expires: " . gmdate("D, d M Y H:i:s", time()) . " GMT");
/* if ($_GET["debug"]) {
define('DEFAULT_ERROR_LEVEL', E_ALL);

View file

@ -1192,49 +1192,17 @@
}
}
/* if ($_COOKIE[get_session_cookie_name()]) {
require_once "sessions.php";
} */
$login_action = $_POST["login_action"];
/* if (!validate_session($link) && $login_action != "do_login") {
logout_user();
render_login_form($link);
exit;
} */
$session_started = false;
# try to authenticate user if called from login form
if ($login_action == "do_login") {
$login = $_POST["login"];
$password = $_POST["password"];
$remember_me = $_POST["remember_me"];
if ($remember_me) {
session_set_cookie_params(SESSION_COOKIE_LIFETIME_REMEMBER);
} else {
session_set_cookie_params(SESSION_COOKIE_LIFETIME);
}
require_once "sessions.php";
$session_started = true;
if (authenticate_user($link, $login, $password)) {
$_POST["password"] = "";
if ($remember_me) {
$_SESSION["cookie_lifetime"] = time() +
SESSION_COOKIE_LIFETIME_REMEMBER;
} else if (SESSION_COOKIE_LIFETIME) {
$_SESSION["cookie_lifetime"] = time() + SESSION_COOKIE_LIFETIME;
}
setcookie("ttrss_cltime", $_SESSION["cookie_lifetime"],
$_SESSION["cookie_lifetime"]);
header("Location: " . $_SERVER["REQUEST_URI"]);
exit;
@ -1244,17 +1212,16 @@
}
}
if (!$session_started) {
require_once "sessions.php";
}
// print session_id();
// print_r($_SESSION);
if (!$_SESSION["uid"] || !validate_session($link)) {
render_login_form($link);
exit;
}
} else {
require_once "sessions.php";
return authenticate_user($link, "admin", null);
}
}

View file

@ -50,10 +50,10 @@ window.onload = init;
<td align="right"><input name="login"></td></tr>
<tr><td align="right">Password:</td>
<td align="right"><input type="password" name="password"></td></tr>
<tr><td colspan="2">
<!-- <tr><td colspan="2">
<input type="checkbox" name="remember_me" id="remember_me">
<label for="remember_me">Remember me on this computer</label>
</td></tr>
</td></tr> -->
<tr><td colspan="2" align="right" class="innerLoginCell">
<input type="submit" class="button" value="Login">
<input type="hidden" name="action" value="login">

View file

@ -1,6 +1,6 @@
<?php
require_once "functions.php";
// require_once "sessions.php";
require_once "sessions.php";
require_once "sanity_check.php";
require_once "version.php";
require_once "config.php";
@ -12,6 +12,10 @@
$dt_add = get_script_dt_add();
header("Cache-Control: no-cache, max-age=0, must-revalidate");
header("Pragma: no-cache");
header("Expires: " . gmdate("D, d M Y H:i:s", time()) . " GMT");
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

View file

@ -95,7 +95,7 @@
session_set_save_handler("open", "close", "read", "write", "destroy", "gc");
}
// session_set_cookie_params(SESSION_COOKIE_LIFETIME_REMEMBER);
session_set_cookie_params(SESSION_COOKIE_LIFETIME);
session_start();
?>

View file

@ -1,6 +1,6 @@
<?php
require_once "functions.php";
// require_once "sessions.php";
require_once "sessions.php";
require_once "sanity_check.php";
require_once "version.php";
require_once "config.php";
@ -12,6 +12,10 @@
$dt_add = get_script_dt_add();
header("Cache-Control: no-cache, max-age=0, must-revalidate");
header("Pragma: no-cache");
header("Expires: " . gmdate("D, d M Y H:i:s", time()) . " GMT");
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">