- put back config['session_length'] disappeared in r1493 but has always been

used in the code (generates mysql errors on session garbage collector) - fix auto_login (die mysql when session timed out, but user has remember) - when a user reconnects from identification.php, the remember cookie was not deleted - fix all redirect warnings/errors (many changes - mainly in common.inc.php and user.inc.php) - reduced $conf['remember_me_length'] to 60 days, because now at each auto login the 60 days countdown restarts git-svn-id: http://piwigo.org/svn/trunk@1568 68402e56-0260-453c-a942-63ccdbb3a9ee
2006-10-20 02:17:53 +00:00 · 2006-10-20 02:17:53 +00:00 · eaacbc7b2d
commit eaacbc7b2d
parent dbadd4defb
7 changed files with 183 additions and 163 deletions
--- a/include/user.inc.php
+++ b/include/user.inc.php
@ -25,53 +25,44 @@
 // | USA.                                                                  |
 // +-----------------------------------------------------------------------+

+// by default we start with guest
+$user['id'] = $conf['guest_id'];
+
 if (isset($_COOKIE[session_name()]))
 {
  session_start();
  if (isset($_GET['act']) and $_GET['act'] == 'logout')
-  {
-    // logout
+  { // logout
    $_SESSION = array();
    session_unset();
    session_destroy();
    setcookie(session_name(),'',0,
-	      ini_get('session.cookie_path'), 
-	      ini_get('session.cookie_domain') 
-	      );
+        ini_get('session.cookie_path'),
+        ini_get('session.cookie_domain')
+      );
    setcookie($conf['remember_me_name'], '', 0, cookie_path());
    redirect(make_index_url());
-  } 
-  elseif (empty($_SESSION['pwg_uid'])) 
-  {
-    // timeout
+  }
+  elseif (empty($_SESSION['pwg_uid']))
+  { // timeout
    setcookie(session_name(),'',0,
-	      ini_get('session.cookie_path'), 
-	      ini_get('session.cookie_domain') 
-	      );
+        ini_get('session.cookie_path'),
+        ini_get('session.cookie_domain')
+      );
  }
  else
  {
    $user['id'] = $_SESSION['pwg_uid'];
-    $user['is_the_guest'] = false;
  }
 }
-elseif (!empty($_COOKIE[$conf['remember_me_name']]))
+
+
+// Now check the auto-login
+if ( $user['id']==$conf['guest_id'] )
 {
  auto_login();
-} 
-else
-{
-  $user['id'] = $conf['guest_id'];
-  $user['is_the_guest'] = true;
 }

-if ($user['is_the_guest'] and !$conf['guest_access'] 
-    and (basename($_SERVER['PHP_SELF'])!='identification.php')
-    and (basename($_SERVER['PHP_SELF'])!='password.php')
-    and (basename($_SERVER['PHP_SELF'])!='register.php'))
-{
-  redirect (get_root_url().'identification.php');
-}

 // using Apache authentication override the above user search
 if ($conf['apache_authentication'] and isset($_SERVER['REMOTE_USER']))
@ -81,33 +72,9 @@ if ($conf['apache_authentication'] and isset($_SERVER['REMOTE_USER']))
    register_user($_SERVER['REMOTE_USER'], '', '');
    $user['id'] = get_userid($_SERVER['REMOTE_USER']);
  }
-
-  $user['is_the_guest'] = false;
 }
+$user = build_user( $user['id'],
+          ( defined('IN_ADMIN') and IN_ADMIN ) ? false : true // use cache ?
+         );

-$user = array_merge(
-  $user,
-  getuserdata(
-    $user['id'],
-    ( defined('IN_ADMIN') and IN_ADMIN ) ? false : true // use cache ?
-    )
-  );
-
-// properties of user guest are found in the configuration
-if ($user['is_the_guest'])
-{
-  $user['template'] = $conf['default_template'];
-  $user['nb_image_line'] = $conf['nb_image_line'];
-  $user['nb_line_page'] = $conf['nb_line_page'];
-  $user['language'] = $conf['default_language'];
-  $user['maxwidth'] = $conf['default_maxwidth'];
-  $user['maxheight'] = $conf['default_maxheight'];
-  $user['recent_period'] = $conf['recent_period'];
-  $user['expand'] = $conf['auto_expand'];
-  $user['show_nb_comments'] = $conf['show_nb_comments'];
-  $user['enabled_high'] = $conf['newuser_default_enabled_high'];
-}
-
-// calculation of the number of picture to display per page
-$user['nb_image_page'] = $user['nb_image_line'] * $user['nb_line_page'];
-?>
+?>