diff options
| author | Paul S. Owen <psotfx@users.sourceforge.net> | 2002-11-02 21:44:36 +0000 |
|---|---|---|
| committer | Paul S. Owen <psotfx@users.sourceforge.net> | 2002-11-02 21:44:36 +0000 |
| commit | 5b73ad4cbd8c83f1fd5cc5713836e15caff8a045 (patch) | |
| tree | ee77539d391a5795c28665af8a8cf3291f137577 | |
| parent | 97978b69f17bb8dc19bbc59922a8ba165d976e5c (diff) | |
| download | forums-5b73ad4cbd8c83f1fd5cc5713836e15caff8a045.tar forums-5b73ad4cbd8c83f1fd5cc5713836e15caff8a045.tar.gz forums-5b73ad4cbd8c83f1fd5cc5713836e15caff8a045.tar.bz2 forums-5b73ad4cbd8c83f1fd5cc5713836e15caff8a045.tar.xz forums-5b73ad4cbd8c83f1fd5cc5713836e15caff8a045.zip | |
Fix autologin issues
git-svn-id: file:///svn/phpbb/trunk@3006 89ea8834-ac86-4346-8a33-228a782c2dd0
| -rw-r--r-- | phpBB/includes/session.php | 10 | ||||
| -rw-r--r-- | phpBB/login.php | 14 |
2 files changed, 12 insertions, 12 deletions
diff --git a/phpBB/includes/session.php b/phpBB/includes/session.php index f642855dc1..b58078e2ae 100644 --- a/phpBB/includes/session.php +++ b/phpBB/includes/session.php @@ -121,7 +121,7 @@ class session } // Create a new session - function create(&$user_id, &$autologin) + function create(&$user_id, &$autologin, $set_autologin = false) { global $SID, $db, $config; @@ -164,7 +164,7 @@ class session $db->sql_freeresult($result); // Check autologin request, is it valid? - if ($this->data['user_password'] != $autologin || !$this->data['user_active'] || !$user_id) + if (empty($this->data) || ($this->data['user_password'] != $autologin && !$set_autologin) || !$this->data['user_active']) { $autologin = ''; $this->data['user_id'] = $user_id = ANONYMOUS; @@ -211,7 +211,7 @@ class session $this->data['session_id'] = $this->session_id; - $sessiondata['autologinid'] = ($autologin && $user_id) ? $autologin : ''; + $sessiondata['autologinid'] = ($autologin && $user_id != ANONYMOUS) ? $autologin : ''; $sessiondata['userid'] = $user_id; $this->set_cookie('data', serialize($sessiondata), $current_time + 31536000); @@ -689,8 +689,8 @@ class auth return false; } - $autologin = (isset($autologin)) ? md5($password) : ''; - return ($login['user_active']) ? $user->create($login['user_id'], $autologin) : false; + $autologin = (!empty($autologin)) ? md5($password) : ''; + return ($login['user_active']) ? $user->create($login['user_id'], $autologin, true) : false; } } diff --git a/phpBB/login.php b/phpBB/login.php index 3c494cf8f6..c8b18c859a 100644 --- a/phpBB/login.php +++ b/phpBB/login.php @@ -38,21 +38,21 @@ extract($_POST); $redirect = (!empty($redirect)) ? $_SERVER['QUERY_STRING'] : ''; // Do the login/logout/form/whatever -if ( isset($login) || isset($logout) ) +if (isset($login) || isset($logout)) { - if ( isset($login) && !$user->data['user_id'] ) + if (isset($login) && !$user->data['user_id']) { - $autologin = ( !empty($autologin) ) ? true : false; + $autologin = (!empty($autologin)) ? true : false; // // Is the board disabled? Are we an admin? No, then back to the index we go // - if ( $config['board_disable'] && !$auth->acl_get('a_') ) + if ($config['board_disable'] && !$auth->acl_get('a_')) { redirect("index.$phpEx$SID"); } - if ( !$auth->login($username, $password, $autologin) ) + if (!$auth->login($username, $password, $autologin)) { $template->assign_vars(array( 'META' => '<meta http-equiv="refresh" content="3;url=' . "login.$phpEx$SID&redirect=$redirect" . '">') @@ -62,7 +62,7 @@ if ( isset($login) || isset($logout) ) message_die(MESSAGE, $message); } } - else if ( $user->data['user_id'] ) + else if ($user->data['user_id'] != ANONYMOUS) { $user->destroy(); } @@ -70,7 +70,7 @@ if ( isset($login) || isset($logout) ) // // Redirect to wherever we're supposed to go ... // - $redirect_url = ( $redirect ) ? preg_replace('/^.*?redirect=(.*?)&(.*?)$/', '\\1' . $SID . '&\\2', $redirect) : 'index.'.$phpEx; + $redirect_url = ($redirect) ? preg_replace('/^.*?redirect=(.*?)&(.*?)$/', '\\1' . $SID . '&\\2', $redirect) : 'index.'.$phpEx; redirect($redirect_url); } |