Context Navigation

← Previous Changeset
Next Changeset →

Changeset 1511

Timestamp:

Jul 28, 2006, 11:34:27 AM (18 years ago)

Author:

nikrou

Message:

Fix bug 451: improvement
small problem with reconnexion after session timeout
add auto-login function
all staff for session (connexion, auto-login and logout)
is now in include/user.inc.php

Location:

trunk

Files:

: 5 edited

identification.php (modified) (2 diffs)
include/functions_user.inc.php (modified) (2 diffs)
include/menubar.inc.php (modified) (1 diff)
include/user.inc.php (modified) (2 diffs)
index.php (modified) (1 diff)

Legend:

: Unmodified
: Added
: Removed

trunk/identification.php

-                      r1494
+                      r1511
       $remember_me = true;
+    }
     log_user( $row['id'], $remember_me);
+    log_user($row['id'], $remember_me);
     redirect(empty($redirect_to) ? make_index_url() : $redirect_to);
+  }
 …
 elseif (!empty($_COOKIE[$conf['remember_me_name']]))
+{
+  $cookie = unserialize(pwg_stripslashes($_COOKIE[$conf['remember_me_name']]));
+  $query = '
+SELECT auto_login_key
+  FROM '.USERS_TABLE.'
+  WHERE '.$conf['user_fields']['id'].' = '.$cookie['id'].'
+;';
+  $auto_login_key = current(mysql_fetch_assoc(pwg_query($query)));
+  if ($auto_login_key == $cookie['key'])
+  {
+    log_user($cookie['id'], false);
+    redirect(empty($redirect_to) ? make_index_url() : $redirect_to);
+  }
+  else
+  {
+    setcookie($conf['remember_me_name'], '', 0, cookie_path());
+    redirect(empty($redirect_to) ? make_index_url() : $redirect_to);
+  }
+  auto_login();
+}
 //----------------------------------------------------- template initialization

trunk/include/functions_user.inc.php

-                      r1493
+                      r1511
 function log_user($user_id, $remember_me)
+{
   global $conf;
+  global $conf, $user;
   if ($remember_me)
 …
   session_start();
   $_SESSION['pwg_uid'] = $user_id;
+  $user['id'] = $_SESSION['pwg_uid'];
+  $user['is_the_guest'] = false;
+}
+/*
+ * Performs auto-connexion when cookie remember_me exists
+ * @return void
+*/
+function auto_login() {
+  global $conf;
+  $cookie = unserialize(pwg_stripslashes($_COOKIE[$conf['remember_me_name']]));
+  $query = '
+SELECT auto_login_key
+  FROM '.USERS_TABLE.'
+  WHERE '.$conf['user_fields']['id'].' = '.$cookie['id'].'
+;';
+  $auto_login_key = current(mysql_fetch_assoc(pwg_query($query)));
+  if ($auto_login_key == $cookie['key'])
+  {
+    log_user($cookie['id'], false);
+    redirect(make_index_url());
+  }
+  else
+  {
+    setcookie($conf['remember_me_name'], '', 0, cookie_path());
+    redirect(make_index_url());
+  }
+}

trunk/include/menubar.inc.php

r1503	r1511
45	45	'U_REGISTER' => get_root_url().'register.php',
46	46	'U_LOST_PASSWORD' => get_root_url().'password.php',
47		'U_LOGOUT' => ~~add_url_params(make_index_url(), array('act'=>'logout') )~~,
	47	'U_LOGOUT' => get_root_url().'?act=logout',
48	48	'U_ADMIN'=> get_root_url().'admin.php',
49	49	'U_PROFILE'=> get_root_url().'profile.php',

trunk/include/user.inc.php

-                      r1231
+                      r1511
 // +-----------------------------------------------------------------------+
-// retrieving connected user informations
 if (isset($_COOKIE[session_name()]))
+{
+ session_start();
+ if (isset($_SESSION['pwg_uid']))
+ {
+   $user['id'] = $_SESSION['pwg_uid'];
+   $user['is_the_guest'] = false;
+ }
+ else
+ {
+   // session timeout
+   $user['id'] = $conf['guest_id'];
+   $user['is_the_guest'] = true;
+ }
+  session_start();
+  if (isset($_GET['act']) and $_GET['act'] == 'logout')
+  {
+    // logout
+    $_SESSION = array();
+    session_unset();
+    session_destroy();
+    setcookie(session_name(),'',0,
+              ini_get('session.cookie_path'),
+              ini_get('session.cookie_domain')
+              );
+    setcookie($conf['remember_me_name'], '', 0, cookie_path());
+    redirect(make_index_url());
+  }
+  elseif (empty($_SESSION['pwg_uid']))
+  {
+    // timeout
+    setcookie(session_name(),'',0,
+              ini_get('session.cookie_path'),
+              ini_get('session.cookie_domain')
+              );
+  }
+  else
+  {
+    $user['id'] = $_SESSION['pwg_uid'];
+    $user['is_the_guest'] = false;
+  }
+}
+elseif (!empty($_COOKIE[$conf['remember_me_name']]))
+{
+  auto_login();
+}
 else
+{
+ $user['id'] = $conf['guest_id'];
+ $user['is_the_guest'] = true;
+  $user['id'] = $conf['guest_id'];
+  $user['is_the_guest'] = true;
+}
+if ($user['is_the_guest'] and !$conf['guest_access'])
+{
+  redirect (get_root_url().'identification.php');
+}
 …
   $user['is_the_guest'] = false;
+}
 $user = array_merge(
   $user,

trunk/index.php

-                      r1503
+                      r1511
 check_status(ACCESS_GUEST);
-//---------------------------------------------------------------------- logout
-if ( isset( $_GET['act'] )
-     and $_GET['act'] == 'logout'
-     and isset( $_COOKIE[session_name()] ) )
+{
-  // cookie deletion if exists
-  $_SESSION = array();
-  session_unset();
-  session_destroy();
-  setcookie(session_name(),'',0,
-      ini_get('session.cookie_path'), ini_get('session.cookie_domain') );
-  redirect( make_index_url() );
+}
-if ($user['is_the_guest'] and !$conf['guest_access'])
+{
-  redirect (get_root_url().'identification.php');
+}
 //---------------------------------------------- change of image display order
 if (isset($_GET['image_order']))

Note: See TracChangeset for help on using the changeset viewer.