From eaacbc7b2d224524eac6def04e9b721949afd4b8 Mon Sep 17 00:00:00 2001 From: rvelices Date: Fri, 20 Oct 2006 02:17:53 +0000 Subject: - put back config['session_length'] disappeared in r1493 but has always been used in the code (generates mysql errors on session garbage collector) - fix auto_login (die mysql when session timed out, but user has remember) - when a user reconnects from identification.php, the remember cookie was not deleted - fix all redirect warnings/errors (many changes - mainly in common.inc.php and user.inc.php) - reduced $conf['remember_me_length'] to 60 days, because now at each auto login the 60 days countdown restarts git-svn-id: http://piwigo.org/svn/trunk@1568 68402e56-0260-453c-a942-63ccdbb3a9ee --- include/user.inc.php | 75 +++++++++++++++------------------------------------- 1 file changed, 21 insertions(+), 54 deletions(-) (limited to 'include/user.inc.php') diff --git a/include/user.inc.php b/include/user.inc.php index b6b6d1bcb..f5c77b2f8 100644 --- a/include/user.inc.php +++ b/include/user.inc.php @@ -25,53 +25,44 @@ // | USA. | // +-----------------------------------------------------------------------+ +// by default we start with guest +$user['id'] = $conf['guest_id']; + if (isset($_COOKIE[session_name()])) { session_start(); if (isset($_GET['act']) and $_GET['act'] == 'logout') - { - // logout + { // logout $_SESSION = array(); session_unset(); session_destroy(); setcookie(session_name(),'',0, - ini_get('session.cookie_path'), - ini_get('session.cookie_domain') - ); + ini_get('session.cookie_path'), + ini_get('session.cookie_domain') + ); setcookie($conf['remember_me_name'], '', 0, cookie_path()); redirect(make_index_url()); - } - elseif (empty($_SESSION['pwg_uid'])) - { - // timeout + } + elseif (empty($_SESSION['pwg_uid'])) + { // timeout setcookie(session_name(),'',0, - ini_get('session.cookie_path'), - ini_get('session.cookie_domain') - ); + ini_get('session.cookie_path'), + ini_get('session.cookie_domain') + ); } else { $user['id'] = $_SESSION['pwg_uid']; - $user['is_the_guest'] = false; } } -elseif (!empty($_COOKIE[$conf['remember_me_name']])) + + +// Now check the auto-login +if ( $user['id']==$conf['guest_id'] ) { auto_login(); -} -else -{ - $user['id'] = $conf['guest_id']; - $user['is_the_guest'] = true; } -if ($user['is_the_guest'] and !$conf['guest_access'] - and (basename($_SERVER['PHP_SELF'])!='identification.php') - and (basename($_SERVER['PHP_SELF'])!='password.php') - and (basename($_SERVER['PHP_SELF'])!='register.php')) -{ - redirect (get_root_url().'identification.php'); -} // using Apache authentication override the above user search if ($conf['apache_authentication'] and isset($_SERVER['REMOTE_USER'])) @@ -81,33 +72,9 @@ if ($conf['apache_authentication'] and isset($_SERVER['REMOTE_USER'])) register_user($_SERVER['REMOTE_USER'], '', ''); $user['id'] = get_userid($_SERVER['REMOTE_USER']); } - - $user['is_the_guest'] = false; -} - -$user = array_merge( - $user, - getuserdata( - $user['id'], - ( defined('IN_ADMIN') and IN_ADMIN ) ? false : true // use cache ? - ) - ); - -// properties of user guest are found in the configuration -if ($user['is_the_guest']) -{ - $user['template'] = $conf['default_template']; - $user['nb_image_line'] = $conf['nb_image_line']; - $user['nb_line_page'] = $conf['nb_line_page']; - $user['language'] = $conf['default_language']; - $user['maxwidth'] = $conf['default_maxwidth']; - $user['maxheight'] = $conf['default_maxheight']; - $user['recent_period'] = $conf['recent_period']; - $user['expand'] = $conf['auto_expand']; - $user['show_nb_comments'] = $conf['show_nb_comments']; - $user['enabled_high'] = $conf['newuser_default_enabled_high']; } +$user = build_user( $user['id'], + ( defined('IN_ADMIN') and IN_ADMIN ) ? false : true // use cache ? + ); -// calculation of the number of picture to display per page -$user['nb_image_page'] = $user['nb_image_line'] * $user['nb_line_page']; -?> +?> \ No newline at end of file -- cgit v1.2.3