aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authornikrou <nikrou@piwigo.org>2006-08-07 13:39:19 +0000
committernikrou <nikrou@piwigo.org>2006-08-07 13:39:19 +0000
commit5ae82cf8d4a092e975dc8b92b9f9d57c3d38afb9 (patch)
tree3ee499b8e16f621cfc72ebac973291b9195db4e0
parente730b6fb27bde8bec16a1651c1120adc191efdf5 (diff)
bug 451 fixed: in auto_login function slashes must be remove
before unserializing data contains in remember cookie git-svn-id: http://piwigo.org/svn/trunk@1526 68402e56-0260-453c-a942-63ccdbb3a9ee
-rw-r--r--include/functions_user.inc.php5
1 files changed, 4 insertions, 1 deletions
diff --git a/include/functions_user.inc.php b/include/functions_user.inc.php
index 28f81e7a4..d3a2b75f3 100644
--- a/include/functions_user.inc.php
+++ b/include/functions_user.inc.php
@@ -593,7 +593,9 @@ UPDATE '.USERS_TABLE.'
function auto_login() {
global $conf;
- $cookie = unserialize(pwg_stripslashes($_COOKIE[$conf['remember_me_name']]));
+ // must remove slash added in include/common.inc.php
+ $cookie = unserialize(stripslashes($_COOKIE[$conf['remember_me_name']]));
+
$query = '
SELECT auto_login_key
FROM '.USERS_TABLE.'
@@ -603,6 +605,7 @@ SELECT auto_login_key
$auto_login_key = current(mysql_fetch_assoc(pwg_query($query)));
if ($auto_login_key == $cookie['key'])
{
+ error_log("ici\n", 3, '/tmp/cookie');
log_user($cookie['id'], false);
redirect(make_index_url());
}