diff options
author | plegall <plg@piwigo.org> | 2016-01-29 12:44:38 +0100 |
---|---|---|
committer | plegall <plg@piwigo.org> | 2016-01-29 12:44:38 +0100 |
commit | a12425629e68c51a2f05c3f1cfa990e694ea0424 (patch) | |
tree | 79b884e92c5554468b9b786de693a40d429aecae /include | |
parent | 77888174cff00f8bdf8b0a4c04aca64b3fdcc5f4 (diff) |
fixes #412, warn visitor if auth key no longer valid
Diffstat (limited to '')
-rw-r--r-- | include/common.inc.php | 10 | ||||
-rw-r--r-- | include/functions_user.inc.php | 1 |
2 files changed, 11 insertions, 0 deletions
diff --git a/include/common.inc.php b/include/common.inc.php index e5c2b8e3e..a01fced8a 100644 --- a/include/common.inc.php +++ b/include/common.inc.php @@ -201,6 +201,16 @@ if (is_a_guest()) $user['username'] = l10n('guest'); } +// in case an auth key was provided and is no longer valid, we must wait to +// be here, with language loaded, to prepare the message +if (isset($page['auth_key_invalid']) and $page['auth_key_invalid']) +{ + $page['errors'][] = + l10n('Your authentication key is no longer valid.') + .sprintf(' <a href="%s">%s</a>', get_root_url().'identification.php', l10n('Login')) + ; +} + // template instance if (defined('IN_ADMIN') and IN_ADMIN ) {// Admin template diff --git a/include/functions_user.inc.php b/include/functions_user.inc.php index 2b9d48752..340bca9cb 100644 --- a/include/functions_user.inc.php +++ b/include/functions_user.inc.php @@ -1506,6 +1506,7 @@ SELECT // is the key still valid? if (strtotime($key['expired_on']) < strtotime($key['dbnow'])) { + $page['auth_key_invalid'] = true; return false; } |