aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--admin/configuration.php50
-rw-r--r--category.php1
-rw-r--r--identification.php43
-rw-r--r--include/common.inc.php7
-rw-r--r--include/config.inc.php12
-rw-r--r--include/functions_session.inc.php63
-rw-r--r--include/user.inc.php74
-rw-r--r--install/config.sql5
-rw-r--r--language/en_UK.iso-8859-1/admin.lang.php14
-rw-r--r--language/en_UK.iso-8859-1/common.lang.php1
-rw-r--r--template/default/admin/configuration.tpl15
-rw-r--r--template/default/category.tpl1
-rw-r--r--template/default/identification.tpl8
13 files changed, 173 insertions, 121 deletions
diff --git a/admin/configuration.php b/admin/configuration.php
index 3b15c0771..1c8c206f0 100644
--- a/admin/configuration.php
+++ b/admin/configuration.php
@@ -120,24 +120,6 @@ if (isset($_POST['submit']))
}
break;
}
- case 'session' :
- {
- // session_id size must be an integer between 4 and 50
- if (!preg_match($int_pattern, $_POST['session_id_size'])
- or $_POST['session_id_size'] < 4
- or $_POST['session_id_size'] > 50)
- {
- array_push($errors, $lang['conf_session_size_error']);
- }
- // session_time must be an integer between 5 and 60, in minutes
- if (!preg_match($int_pattern, $_POST['session_time'])
- or $_POST['session_time'] < 5
- or $_POST['session_time'] > 60)
- {
- array_push($errors, $lang['conf_session_time_error']);
- }
- break;
- }
}
// updating configuration if no error found
@@ -172,6 +154,8 @@ $template->assign_vars(
'L_NO'=>$lang['no'],
'L_SUBMIT'=>$lang['submit'],
'L_RESET'=>$lang['reset'],
+ 'L_URI'=>$lang['URI'],
+ 'L_COOKIE'=>$lang['cookie'],
'F_ACTION'=>add_session_id($action)
));
@@ -320,24 +304,28 @@ switch ($page['section'])
}
case 'session' :
{
- $cookie_yes = ($conf['upload_available']=='true')?'checked="checked"':'';
- $cookie_no = ($conf['upload_available']=='false')?'checked="checked"':'';
+ $auth_method_URI = ($conf['auth_method']=='URI')?'checked="checked"':'';
+ $auth_method_cookie =
+ ($conf['auth_method']=='cookie')?'checked="checked"':'';
+ $authorize_remembering_yes =
+ ($conf['authorize_remembering']=='true')?'checked="checked"':'';
+ $authorize_remembering_no =
+ ($conf['authorize_remembering']=='false')?'checked="checked"':'';
$template->assign_block_vars(
'session',
array(
'L_CONF_TITLE'=>$lang['conf_session_title'],
- 'L_CONF_COOKIE'=>$lang['conf_cookies'],
- 'L_CONF_COOKIE_INFO'=>$lang['conf_cookies_info'],
- 'L_SESSION_LENGTH'=>$lang['conf_session_time'],
- 'L_SESSION_LENGTH_INFO'=>$lang['conf_session_time_info'],
- 'L_SESSION_ID_SIZE'=>$lang['conf_session_size'],
- 'L_SESSION_ID_SIZE_INFO'=>$lang['conf_session_size_info'],
-
- 'SESSION_LENGTH'=>$conf['session_time'],
- 'SESSION_ID_SIZE'=>$conf['session_id_size'],
- 'COOKIE_YES'=>$cookie_yes,
- 'COOKIE_NO'=>$cookie_no
+ 'L_CONF_AUTH_METHOD'=>$lang['conf_auth_method'],
+ 'L_CONF_AUTH_METHOD_INFO'=>$lang['conf_auth_method_info'],
+ 'L_CONF_AUTHORIZE_REMEMBERING'=>$lang['conf_authorize_remembering'],
+ 'L_CONF_AUTHORIZE_REMEMBERING_INFO' =>
+ $lang['conf_authorize_remembering_info'],
+
+ 'AUTH_METHOD_URI'=>$auth_method_URI,
+ 'AUTH_METHOD_COOKIE'=>$auth_method_cookie,
+ 'AUTHORIZE_REMEMBERING_YES'=>$authorize_remembering_yes,
+ 'AUTHORIZE_REMEMBERING_NO'=>$authorize_remembering_no
));
break;
}
diff --git a/category.php b/category.php
index a60f9a7b9..2e897e591 100644
--- a/category.php
+++ b/category.php
@@ -152,6 +152,7 @@ $template->assign_vars(array(
'L_ADMIN_HINT' => $lang['hint_admin'],
'L_PROFILE' => $lang['customize'],
'L_PROFILE_HINT' => $lang['hint_customize'],
+ 'L_REMEMBER_ME' => $lang['remember_me'],
'F_IDENTIFY' => add_session_id( PHPWG_ROOT_PATH.'identification.php' ),
'T_RECENT' => $icon_recent,
diff --git a/identification.php b/identification.php
index 5d2a0eb46..602af430c 100644
--- a/identification.php
+++ b/identification.php
@@ -31,18 +31,40 @@ include_once( PHPWG_ROOT_PATH.'include/common.inc.php' );
//-------------------------------------------------------------- identification
$errors = array();
-if ( isset( $_POST['login'] ) )
+if (isset($_POST['login']))
{
// retrieving the encrypted password of the login submitted
- $query = 'SELECT password';
- $query.= ' FROM '.USERS_TABLE;
- $query.= " WHERE username = '".$_POST['username']."';";
- $row = mysql_fetch_array( mysql_query( $query ) );
- if( $row['password'] == md5( $_POST['password'] ) )
+ $query = '
+SELECT id, password
+ FROM '.USERS_TABLE.'
+ WHERE username = \''.$_POST['username'].'\'
+;';
+ $row = mysql_fetch_array(mysql_query($query));
+ if ($row['password'] == md5($_POST['password']))
{
- $session_id = session_create( $_POST['username'] );
- $url = 'category.php?id='.$session_id;
- redirect( $url );
+ if ($conf['auth_method'] == 'cookie'
+ or isset($_POST['remember_me']) and $_POST['remember_me'] == 1)
+ {
+ if ($conf['auth_method'] == 'cookie')
+ {
+ $cookie_length = $conf['session_length'];
+ }
+ else if ($_POST['remember_me'] == 1)
+ {
+ $cookie_length = $conf['remember_me_length'];
+ }
+ session_create($row['id'],
+ 'cookie',
+ $cookie_length);
+ redirect('category.php');
+ }
+ else if ($conf['auth_method'] == 'URI')
+ {
+ $session_id = session_create($row['id'],
+ 'URI',
+ $conf['session_length']);
+ redirect('category.php?id='.$session_id);
+ }
}
else
{
@@ -68,7 +90,8 @@ $template->assign_vars(
'L_LOGIN' => $lang['submit'],
'L_GUEST' => $lang['ident_guest_visit'],
'L_REGISTER' => $lang['ident_register'],
- 'L_FORGET' => $lang['ident_forgotten_password'],
+ 'L_FORGET' => $lang['ident_forgotten_password'],
+ 'L_REMEMBER_ME'=>$lang['remember_me'],
'T_STYLE' => $user['template'],
diff --git a/include/common.inc.php b/include/common.inc.php
index 6d4b37195..8853e67f1 100644
--- a/include/common.inc.php
+++ b/include/common.inc.php
@@ -167,9 +167,10 @@ $user_ip = encode_ip($client_ip);
// Setup gallery wide options, if this fails then we output a CRITICAL_ERROR
// since basic gallery information is not available
//
-$query = 'SELECT param,value';
-$query.= ' FROM '.CONFIG_TABLE;
-$query.= ';';
+$query = '
+SELECT param,value
+ FROM '.CONFIG_TABLE.'
+;';
if( !( $result = mysql_query( $query ) ) )
{
die("Could not query config information");
diff --git a/include/config.inc.php b/include/config.inc.php
index 1e4c4dcc5..a2a3b0d4c 100644
--- a/include/config.inc.php
+++ b/include/config.inc.php
@@ -89,4 +89,16 @@ $conf['show_exif_fields'] = array('Make',
$conf['calendar_datefield'] = 'date_available';
$conf['rate'] = true;
+
+// time of validity for "remember me" cookies, in seconds.
+$conf['remember_me_length'] = 31536000;
+
+// time of validity for normal session, in seconds.
+$conf['session_length'] = 3600;
+
+// session id length when session id in URI
+$conf['session_id_size_URI'] = 4;
+
+// session id length when session id in cookie
+$conf['session_id_size_cookie'] = 50;
?>
diff --git a/include/functions_session.inc.php b/include/functions_session.inc.php
index a92deb7a4..ce66e3a30 100644
--- a/include/functions_session.inc.php
+++ b/include/functions_session.inc.php
@@ -31,7 +31,7 @@
// "Er4Tgh6", "Rrp08P", "54gj"
// input : none (using global variable)
// output : $key
-function generate_key()
+function generate_key($size)
{
global $conf;
@@ -44,7 +44,7 @@ function generate_key()
$init = substr( $init, 0, 8 );
mt_srand( $init );
$key = '';
- for ( $i = 0; $i < $conf['session_id_size']; $i++ )
+ for ( $i = 0; $i < $size; $i++ )
{
$c = mt_rand( 0, 2 );
if ( $c == 0 ) $key .= chr( mt_rand( 65, 90 ) );
@@ -54,38 +54,53 @@ function generate_key()
return $key;
}
-// The function create_session finds a non-already-used session key and
-// returns it once found for the given user.
-function session_create( $username )
+/**
+ * create a new session and returns the session identifier
+ *
+ * - find a non-already-used session key
+ * - create a session in database
+ * - return session identifier
+ *
+ * @param int userid
+ * @param string method : cookie or URI
+ * @param int session_lentgh : in seconds
+ * @return string
+ */
+function session_create($userid, $method, $session_length)
{
global $conf;
+
// 1. searching an unused session key
$id_found = false;
- while ( !$id_found )
+ while (!$id_found)
{
- $generated_id = generate_key();
- $query = 'select id';
- $query.= ' from '.PREFIX_TABLE.'sessions';
- $query.= " where id = '".$generated_id."';";
- $result = mysql_query( $query );
- if ( mysql_num_rows( $result ) == 0 )
+ $generated_id = generate_key($conf['session_id_size_'.$method]);
+ $query = '
+SELECT id
+ FROM '.SESSIONS_TABLE.'
+ WHERE id = \''.$generated_id.'\'
+;';
+ $result = mysql_query($query);
+ if (mysql_num_rows($result) == 0)
{
$id_found = true;
}
}
- // 2. retrieving id of the username given in parameter
- $query = 'select id';
- $query.= ' from '.USERS_TABLE;
- $query.= " where username = '".$username."';";
- $row = mysql_fetch_array( mysql_query( $query ) );
- $user_id = $row['id'];
// 3. inserting session in database
- $expiration = $conf['session_time'] * 60 + time();
- $query = 'insert into '.PREFIX_TABLE.'sessions';
- $query.= ' (id,user_id,expiration,ip) values';
- $query.= "('".$generated_id."','".$user_id;
- $query.= "','".$expiration."','".$_SERVER['REMOTE_ADDR']."');";
- mysql_query( $query );
+ $expiration = $session_length + time();
+ $query = '
+INSERT INTO '.SESSIONS_TABLE.'
+ (id,user_id,expiration,ip)
+ VALUES
+ (\''.$generated_id.'\','.$userid.','.$expiration.',
+ \''.$_SERVER['REMOTE_ADDR'].'\')
+;';
+ mysql_query($query);
+
+ if ($method == 'cookie')
+ {
+ setcookie('id', $generated_id, $session_length+time(), cookie_path());
+ }
return $generated_id;
}
diff --git a/include/user.inc.php b/include/user.inc.php
index c1f018f92..01a7243d1 100644
--- a/include/user.inc.php
+++ b/include/user.inc.php
@@ -30,55 +30,65 @@
// Each field becomes an information of the array $user.
// Example :
// status --> $user['status']
-$infos = array( 'id', 'username', 'mail_address', 'nb_image_line',
- 'nb_line_page', 'status', 'language', 'maxwidth',
- 'maxheight', 'expand', 'show_nb_comments', 'recent_period',
- 'template', 'forbidden_categories' );
+$infos = array('id','username','mail_address','nb_image_line','nb_line_page',
+ 'status','language','maxwidth','maxheight','expand',
+ 'show_nb_comments','recent_period','template',
+ 'forbidden_categories');
$query_user = 'SELECT * FROM '.USERS_TABLE;
$query_done = false;
$user['is_the_guest'] = false;
// cookie deletion if administrator don't authorize them anymore
-if ( !$conf['authorize_cookies'] and isset( $_COOKIE['id'] ) )
+if (!$conf['authorize_remembering'] and isset($_COOKIE['id']))
{
- setcookie( 'id', '', 0, cookie_path() );
+ setcookie('id', '', 0, cookie_path());
$url = 'category.php';
- redirect( $url );
+ redirect($url);
}
-$user['has_cookie'] = false;
-if ( isset( $_GET['id'] ) ) $session_id = $_GET['id'];
-elseif ( isset( $_COOKIE['id'] ) )
+if (isset($_GET['id']))
+{
+ $session_id = $_GET['id'];
+ $user['has_cookie'] = false;
+ $session_id_size = $conf['session_id_size_URI'];
+}
+elseif (isset($_COOKIE['id']))
{
$session_id = $_COOKIE['id'];
$user['has_cookie'] = true;
+ $session_id_size = $conf['session_id_size_cookie'];
+}
+else
+{
+ $user['has_cookie'] = false;
}
-if ( isset( $session_id )
- and ereg( "^[0-9a-zA-Z]{".$conf['session_id_size']."}$", $session_id ) )
+if (isset($session_id)
+ and ereg("^[0-9a-zA-Z]{".$session_id_size."}$", $session_id))
{
$page['session_id'] = $session_id;
- $query = 'SELECT user_id,expiration,ip';
- $query.= ' FROM '.SESSIONS_TABLE;
- $query.= " WHERE id = '".$page['session_id']."'";
- $query.= ';';
- $result = mysql_query( $query );
- if ( mysql_num_rows( $result ) > 0 )
+ $query = '
+SELECT user_id,expiration,ip
+ FROM '.SESSIONS_TABLE.'
+ WHERE id = \''.$page['session_id'].'\'
+;';
+ $result = mysql_query($query);
+ if (mysql_num_rows($result) > 0)
{
- $row = mysql_fetch_array( $result );
- if ( !$user['has_cookie'] )
+ $row = mysql_fetch_array($result);
+ if (!$user['has_cookie'])
{
- if ( $row['expiration'] < time() )
+ if ($row['expiration'] < time())
{
// deletion of the session from the database,
// because it is out-of-date
$delete_query = 'DELETE FROM '.SESSIONS_TABLE;
$delete_query.= " WHERE id = '".$page['session_id']."'";
$delete_query.= ';';
- mysql_query( $delete_query );
+ mysql_query($delete_query);
}
- else if ( $_SERVER['REMOTE_ADDR'] == $row['ip'] )
+ else if ($_SERVER['REMOTE_ADDR'] == $row['ip'])
{
$query_user .= ' WHERE id = '.$row['user_id'];
$query_done = true;
@@ -91,23 +101,23 @@ if ( isset( $session_id )
}
}
}
-if ( !$query_done )
+if (!$query_done)
{
$query_user .= ' WHERE id = 2';
$user['is_the_guest'] = true;
}
$query_user .= ';';
-$row = mysql_fetch_array( mysql_query( $query_user ) );
+$row = mysql_fetch_array(mysql_query($query_user));
// affectation of each value retrieved in the users table into a variable
// of the array $user.
-foreach ( $infos as $info ) {
- if ( isset( $row[$info] ) )
+foreach ($infos as $info) {
+ if (isset($row[$info]))
{
// If the field is true or false, the variable is transformed into a
// boolean value.
- if ( $row[$info] == 'true' or $row[$info] == 'false' )
- $user[$info] = get_boolean( $row[$info] );
+ if ($row[$info] == 'true' or $row[$info] == 'false')
+ $user[$info] = get_boolean($row[$info]);
else
$user[$info] = $row[$info];
}
@@ -118,14 +128,14 @@ foreach ( $infos as $info ) {
}
// special for $user['restrictions'] array
-$user['restrictions'] = explode( ',', $user['forbidden_categories'] );
-if ( $user['restrictions'][0] == '' )
+$user['restrictions'] = explode(',', $user['forbidden_categories']);
+if ($user['restrictions'][0] == '')
{
$user['restrictions'] = array();
}
$isadmin = false;
-if ( $user['status'] == 'admin' )
+if ($user['status'] == 'admin')
{
$isadmin =true;
}
diff --git a/install/config.sql b/install/config.sql
index c440f1743..e6be0e8c9 100644
--- a/install/config.sql
+++ b/install/config.sql
@@ -5,8 +5,6 @@ INSERT INTO phpwebgallery_config (param,value,comment) VALUES ('mail_webmaster',
INSERT INTO phpwebgallery_config (param,value,comment) VALUES ('default_language','en_UK.iso-8859-1','Default gallery language');
INSERT INTO phpwebgallery_config (param,value,comment) VALUES ('default_template','default','Default gallery style');
INSERT INTO phpwebgallery_config (param,value,comment) VALUES ('access','free','access type to your gallery (free|restricted)');
-INSERT INTO phpwebgallery_config (param,value,comment) VALUES ('session_id_size','4','length of session identifiers');
-INSERT INTO phpwebgallery_config (param,value,comment) VALUES ('session_time','30','number of minutes for validity of sessions');
INSERT INTO phpwebgallery_config (param,value,comment) VALUES ('show_comments','true','display the users comments');
INSERT INTO phpwebgallery_config (param,value,comment) VALUES ('nb_comment_page','10','number of comments to display on each page');
INSERT INTO phpwebgallery_config (param,value,comment) VALUES ('upload_available','false','authorizing the upload of pictures by users');
@@ -18,7 +16,6 @@ INSERT INTO phpwebgallery_config (param,value,comment) VALUES ('upload_maxheight
INSERT INTO phpwebgallery_config (param,value,comment) VALUES ('log','false','keep an history of visits on your website');
INSERT INTO phpwebgallery_config (param,value,comment) VALUES ('comments_validation','false','administrators validate users comments before becoming visible');
INSERT INTO phpwebgallery_config (param,value,comment) VALUES ('comments_forall','false','even guest not registered can post comments');
-INSERT INTO phpwebgallery_config (param,value,comment) VALUES ('authorize_cookies','false','users can create cookies');
INSERT INTO phpwebgallery_config (param,value,comment) VALUES ('mail_notification','false','automated mail notification for adminsitrators');
INSERT INTO phpwebgallery_config (param,value,comment) VALUES ('nb_image_line','5','Number of images displayed per row');
INSERT INTO phpwebgallery_config (param,value,comment) VALUES ('nb_line_page','3','Number of rows displayed per page');
@@ -29,3 +26,5 @@ INSERT INTO phpwebgallery_config (param,value,comment) VALUES ('use_iptc','false
INSERT INTO phpwebgallery_config (param,value,comment) VALUES ('use_exif','true','Use EXIF data during database synchronization with files metadata');
INSERT INTO phpwebgallery_config (param,value,comment) VALUES ('show_iptc','false','Show IPTC metadata on picture.php if asked by user');
INSERT INTO phpwebgallery_config (param,value,comment) VALUES ('show_exif','true','Show EXIF metadata on picture.php if asked by user');
+INSERT INTO phpwebgallery_config (param,value,comment) VALUES ('auth_method','URI','Default method used to authenticate users : URI or cookie');
+INSERT INTO phpwebgallery_config (param,value,comment) VALUES ('authorize_remembering','true','Authorize users to be remembered, see $conf{remember_me_length}');
diff --git a/language/en_UK.iso-8859-1/admin.lang.php b/language/en_UK.iso-8859-1/admin.lang.php
index d127cf299..51b408d63 100644
--- a/language/en_UK.iso-8859-1/admin.lang.php
+++ b/language/en_UK.iso-8859-1/admin.lang.php
@@ -174,14 +174,12 @@ $lang['conf_upload_maxheight_thumbnail_error'] = 'Maximum height authorized for
// Configuration -> session
$lang['conf_session_title'] = 'Sessions';
-$lang['conf_cookies'] = 'Authorize cookies';
-$lang['conf_cookies_info'] = 'Users won\'t have to log on each visit any more. Less secure.';
-$lang['conf_session_size'] = 'Identifier size';
-$lang['conf_session_size_info'] = '- the longer your identifier is, the more secure your site is<br />- enter a number between 4 and 50';
-$lang['conf_session_size_error'] = 'the session identifier size must be an integer value between 4 and 50';
-$lang['conf_session_time'] = 'validity period';
-$lang['conf_session_time_info'] = '- the shorter the validity period is, the more secure your site is<br />- enter a number between 5 and 60, in minutes';
-$lang['conf_session_time_error'] = 'the session time must be an integer value between 5 and 60';
+$lang['conf_auth_method'] = 'Authentication method';
+$lang['conf_auth_method_info'] = 'The default authentication method can be URI (session identifier in the gallery links) or cookie (no session identifier in links but needs cookies to be authorized by web browser)';
+$lang['URI'] = 'URI';
+$lang['cookie'] = 'cookie';
+$lang['conf_authorize_remembering'] = 'Authorize remembering';
+$lang['conf_authorize_remembering_info'] = 'Permits user to log for a long time. It creates a cookie on client side, with duration set in include/config.inc.php (1 year per default)';
// Configuration -> metadata
$lang['conf_metadata_title'] = 'Metadata';
diff --git a/language/en_UK.iso-8859-1/common.lang.php b/language/en_UK.iso-8859-1/common.lang.php
index 72ef8ca75..c0427ea9e 100644
--- a/language/en_UK.iso-8859-1/common.lang.php
+++ b/language/en_UK.iso-8859-1/common.lang.php
@@ -292,4 +292,5 @@ $lang['standard_deviation'] = 'STD';
$lang['random_cat'] = 'random pictures';
$lang['random_cat_hint'] = 'Displays a set of random pictures';
$lang['picture_high'] = 'Click on the picture to see it in high definition';
+$lang['remember_me'] = 'remember me';
?> \ No newline at end of file
diff --git a/template/default/admin/configuration.tpl b/template/default/admin/configuration.tpl
index da0174ab7..a6d00aea7 100644
--- a/template/default/admin/configuration.tpl
+++ b/template/default/admin/configuration.tpl
@@ -149,17 +149,14 @@
<td colspan="2">&nbsp;</td>
</tr>
<tr>
- <td width="70%"><strong>{session.L_CONF_COOKIE}&nbsp;:</strong><br /><span class="small">{session.L_CONF_COOKIE_INFO}</span></td>
- <td class="row1"><input type="radio" class="radio" name="authorize_cookies" value="true" {session.COOKIE_YES} />{L_YES}&nbsp;&nbsp;
- <input type="radio" class="radio" name="authorize_cookies" value="false" {session.COOKIE_NO} />{L_NO}</td>
- </tr>
- <tr>
- <td><strong>{session.L_SESSION_LENGTH}&nbsp;:</strong><br /><span class="small">{session.L_SESSION_LENGTH_INFO}</span></td>
- <td class="row1"><input type="text" size="4" maxlength="6" name="session_time" value="{session.SESSION_LENGTH}" /></td>
+ <td width="70%"><strong>{session.L_CONF_AUTH_METHOD}&nbsp;:</strong><br /><span class="small">{session.L_CONF_AUTH_METHOD_INFO}</span></td>
+ <td class="row1"><input type="radio" class="radio" name="auth_method" value="URI" {session.AUTH_METHOD_URI} />{L_URI}&nbsp;&nbsp;
+ <input type="radio" class="radio" name="auth_method" value="cookie" {session.AUTH_METHOD_COOKIE} />{L_COOKIE}</td>
</tr>
<tr>
- <td><strong>{session.L_SESSION_ID_SIZE}&nbsp;:</strong><br /><span class="small">{session.L_SESSION_ID_SIZE_INFO}</span></td>
- <td class="row1"><input type="text" size="2" maxlength="3" name="session_id_size" value="{session.SESSION_ID_SIZE}" /></td>
+ <td width="70%"><strong>{session.L_CONF_AUTHORIZE_REMEMBERING}&nbsp;:</strong><br /><span class="small">{session.L_CONF_AUTHORIZE_REMEMBERING_INFO}</span></td>
+ <td class="row1"><input type="radio" class="radio" name="authorize_remembering" value="true" {session.AUTHORIZE_REMEMBERING_YES} />{L_YES}&nbsp;&nbsp;
+ <input type="radio" class="radio" name="authorize_remembering" value="false" {session.AUTHORIZE_REMEMBERING_NO} />{L_NO}</td>
</tr>
<!-- END session -->
<!-- BEGIN metadata -->
diff --git a/template/default/category.tpl b/template/default/category.tpl
index 7b4353e2c..9e8d9a7fc 100644
--- a/template/default/category.tpl
+++ b/template/default/category.tpl
@@ -41,6 +41,7 @@
<input type="text" name="username" size="15" value="" /><br />
{L_PASSWORD}<br />
<input type="password" name="password" size="15"><br />
+ <input type="checkbox" name="remember_me" value="1" /> {L_REMEMBER_ME}<br />
<input type="submit" name="login" value="{L_SUBMIT}" class="bouton" />
</form>
<!-- END login -->
diff --git a/template/default/identification.tpl b/template/default/identification.tpl
index eca0a9b89..412c28ece 100644
--- a/template/default/identification.tpl
+++ b/template/default/identification.tpl
@@ -30,6 +30,12 @@
<input class="login" type="password" name="password" size="25" maxlength="25" />
</td>
</tr>
+ <tr>
+ <td align="right"><span class="gentbl">{L_REMEMBER_ME}:</span></td>
+ <td>
+ <input type="checkbox" name="remember_me" value="1" />
+ </td>
+ </tr>
<tr align="center">
<td colspan="2"><input type="submit" name="login" value="{L_LOGIN}" class="bouton" /></td>
</tr>
@@ -47,4 +53,4 @@
</td>
</tr>
</table>
-</div> \ No newline at end of file
+</div>