aboutsummaryrefslogtreecommitdiffstats
path: root/include/functions_user.inc.php
diff options
context:
space:
mode:
Diffstat (limited to 'include/functions_user.inc.php')
-rw-r--r--include/functions_user.inc.php62
1 files changed, 58 insertions, 4 deletions
diff --git a/include/functions_user.inc.php b/include/functions_user.inc.php
index c3048d6b0..ba085127f 100644
--- a/include/functions_user.inc.php
+++ b/include/functions_user.inc.php
@@ -550,15 +550,69 @@ function get_language_filepath($filename)
*/
function log_user($user_id, $remember_me)
{
- global $conf;
- $session_length = $conf['session_length'];
+ global $conf, $user;
+
if ($remember_me)
{
- $session_length = $conf['remember_me_length'];
+ // search for an existing auto_login_key
+ $query = '
+SELECT auto_login_key
+ FROM '.USERS_TABLE.'
+ WHERE '.$conf['user_fields']['id'].' = '.$user_id.'
+;';
+
+ $auto_login_key = current(mysql_fetch_assoc(pwg_query($query)));
+ if (empty($auto_login_key))
+ {
+ $auto_login_key = base64_encode(md5(uniqid(rand(), true)));
+ $query = '
+UPDATE '.USERS_TABLE.'
+ SET auto_login_key=\''.$auto_login_key.'\'
+ WHERE '.$conf['user_fields']['id'].' = '.$user_id.'
+;';
+ pwg_query($query);
+ }
+ $cookie = array('id' => $user_id, 'key' => $auto_login_key);
+ setcookie($conf['remember_me_name'],
+ serialize($cookie),
+ time()+$conf['remember_me_length'],
+ cookie_path()
+ );
}
- session_set_cookie_params($session_length);
session_start();
$_SESSION['pwg_uid'] = $user_id;
+
+ $user['id'] = $_SESSION['pwg_uid'];
+ $user['is_the_guest'] = false;
+}
+
+/*
+ * Performs auto-connexion when cookie remember_me exists
+ * @return void
+*/
+function auto_login() {
+ global $conf;
+
+ // must remove slash added in include/common.inc.php
+ $cookie = unserialize(stripslashes($_COOKIE[$conf['remember_me_name']]));
+
+ $query = '
+SELECT auto_login_key
+ FROM '.USERS_TABLE.'
+ WHERE '.$conf['user_fields']['id'].' = '.$cookie['id'].'
+;';
+
+ $auto_login_key = current(mysql_fetch_assoc(pwg_query($query)));
+ if ($auto_login_key == $cookie['key'])
+ {
+ log_user($cookie['id'], false);
+ redirect(make_index_url());
+ }
+ else
+ {
+ setcookie($conf['remember_me_name'], '', 0, cookie_path());
+ redirect(make_index_url());
+ }
}
/*
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-10 14:47:10 +0000