diff options
author | z0rglub <z0rglub@piwigo.org> | 2004-10-02 23:12:50 +0000 |
---|---|---|
committer | z0rglub <z0rglub@piwigo.org> | 2004-10-02 23:12:50 +0000 |
commit | 3c8309a7e621ede168cf7f6dfd8c8d55144525ea (patch) | |
tree | 8b13443d84b3eae9ddead399bea404a981b2bc60 /identification.php | |
parent | da836ea95fce9a8b5711366253832d298e3c4a6e (diff) |
- deletion of session_time and session_id_size as config parameter
- new feature : "remember me" creates a long time cookie
- possibility to set the default authentication method to URI or cookie
- really technical parameters (session identifier size, session duration)
are set in the config file and not in database + configuration.php
git-svn-id: http://piwigo.org/svn/trunk@541 68402e56-0260-453c-a942-63ccdbb3a9ee
Diffstat (limited to '')
-rw-r--r-- | identification.php | 43 |
1 files changed, 33 insertions, 10 deletions
diff --git a/identification.php b/identification.php index 5d2a0eb46..602af430c 100644 --- a/identification.php +++ b/identification.php @@ -31,18 +31,40 @@ include_once( PHPWG_ROOT_PATH.'include/common.inc.php' ); //-------------------------------------------------------------- identification $errors = array(); -if ( isset( $_POST['login'] ) ) +if (isset($_POST['login'])) { // retrieving the encrypted password of the login submitted - $query = 'SELECT password'; - $query.= ' FROM '.USERS_TABLE; - $query.= " WHERE username = '".$_POST['username']."';"; - $row = mysql_fetch_array( mysql_query( $query ) ); - if( $row['password'] == md5( $_POST['password'] ) ) + $query = ' +SELECT id, password + FROM '.USERS_TABLE.' + WHERE username = \''.$_POST['username'].'\' +;'; + $row = mysql_fetch_array(mysql_query($query)); + if ($row['password'] == md5($_POST['password'])) { - $session_id = session_create( $_POST['username'] ); - $url = 'category.php?id='.$session_id; - redirect( $url ); + if ($conf['auth_method'] == 'cookie' + or isset($_POST['remember_me']) and $_POST['remember_me'] == 1) + { + if ($conf['auth_method'] == 'cookie') + { + $cookie_length = $conf['session_length']; + } + else if ($_POST['remember_me'] == 1) + { + $cookie_length = $conf['remember_me_length']; + } + session_create($row['id'], + 'cookie', + $cookie_length); + redirect('category.php'); + } + else if ($conf['auth_method'] == 'URI') + { + $session_id = session_create($row['id'], + 'URI', + $conf['session_length']); + redirect('category.php?id='.$session_id); + } } else { @@ -68,7 +90,8 @@ $template->assign_vars( 'L_LOGIN' => $lang['submit'], 'L_GUEST' => $lang['ident_guest_visit'], 'L_REGISTER' => $lang['ident_register'], - 'L_FORGET' => $lang['ident_forgotten_password'], + 'L_FORGET' => $lang['ident_forgotten_password'], + 'L_REMEMBER_ME'=>$lang['remember_me'], 'T_STYLE' => $user['template'], |