author | Andrew Dolgov <[email protected]> | 2007-03-02 12:05:17 +0100 |
---|---|---|
committer | Andrew Dolgov <[email protected]> | 2007-03-02 12:05:17 +0100 |
commit | 1df0f48b2147c3cbc71dc2085de76f5a4432fb6d (patch) | |
tree | 76c7b51f2969899cf5fcb264d174760b5f2401a9 | |
parent | 7f0acba7b0e44128974e737cd2b82b794287600d (diff) |
login system fixes...
-rw-r--r-- | backend.php | 6 | ||||
-rw-r--r-- | functions.php | 39 | ||||
-rw-r--r-- | login_form.php | 4 | ||||
-rw-r--r-- | prefs.php | 6 | ||||
-rw-r--r-- | sessions.php | 2 | ||||
-rw-r--r-- | tt-rss.php | 6 |
6 files changed, 18 insertions, 45 deletions
diff --git a/backend.php b/backend.php index 67bdabb56..656dcbf9c 100644 --- a/backend.php +++ b/backend.php @@ -2,11 +2,9 @@ require_once "sessions.php"; require_once "modules/backend-rpc.php"; - header("Cache-Control: no-cache, must-revalidate"); - header("Cache-Control: no-cache, must-revalidate"); - + header("Cache-Control: no-cache, max-age=0, must-revalidate"); header("Pragma: no-cache"); - header("Expires: -1"); + header("Expires: " . gmdate("D, d M Y H:i:s", time()) . " GMT"); /* if ($_GET["debug"]) { define('DEFAULT_ERROR_LEVEL', E_ALL); diff --git a/functions.php b/functions.php index 98bfc2e64..49955b63f 100644 --- a/functions.php +++ b/functions.php @@ -1192,49 +1192,17 @@ } } -/* if ($_COOKIE[get_session_cookie_name()]) { - require_once "sessions.php"; -} */ - $login_action = $_POST["login_action"]; -/* if (!validate_session($link) && $login_action != "do_login") { - logout_user(); - render_login_form($link); - exit; -} */ - - $session_started = false; - # try to authenticate user if called from login form if ($login_action == "do_login") { $login = $_POST["login"]; $password = $_POST["password"]; $remember_me = $_POST["remember_me"]; - if ($remember_me) { - session_set_cookie_params(SESSION_COOKIE_LIFETIME_REMEMBER); - } else { - session_set_cookie_params(SESSION_COOKIE_LIFETIME); - } - - require_once "sessions.php"; - - $session_started = true; - if (authenticate_user($link, $login, $password)) { $_POST["password"] = ""; - if ($remember_me) { - $_SESSION["cookie_lifetime"] = time() + - SESSION_COOKIE_LIFETIME_REMEMBER; - } else if (SESSION_COOKIE_LIFETIME) { - $_SESSION["cookie_lifetime"] = time() + SESSION_COOKIE_LIFETIME; - } - - setcookie("ttrss_cltime", $_SESSION["cookie_lifetime"], - $_SESSION["cookie_lifetime"]); - header("Location: " . $_SERVER["REQUEST_URI"]); exit; 
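Review bot: The new `Cache-Control` value in backend.php omits `no-store`, so responses generated for a logged-in user may still be written to a browser or proxy cache. Because `header()` replaces an earlier header of the same name, this line also overrides whatever PHP's session cache limiter sent when sessions.php called `session_start()` (the default limiter includes `no-store`; the setting in use is not visible here). Consider `header("Cache-Control: no-store, no-cache, max-age=0, must-revalidate");`. The same three header lines are added in tt-rss.php and in the hunk that appears to belong to prefs.php (its file header is missing from the page), so a small shared helper would keep them consistent.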
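Review bot: In the functions.php login hunk, the successful-login branch redirects without renewing the session id. With this commit the entry scripts include sessions.php, which calls `session_start()`, before any credentials are checked. The id issued to the anonymous visitor would therefore stay valid after authentication (session fixation) unless `authenticate_user()`, which is not visible here, already regenerates it. If it does not, add `session_regenerate_id(true);` right after `$_POST["password"] = "";` and before the `Location` redirect. Within the visible lines `$remember_me = $_POST["remember_me"];` is now unused and can be dropped; the enclosing function starts and ends outside the hunk.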
@@ -1244,17 +1212,16 @@ } } - if (!$session_started) { - require_once "sessions.php"; - } +// print session_id(); +// print_r($_SESSION); if (!$_SESSION["uid"] || !validate_session($link)) { render_login_form($link); exit; } + } else { - require_once "sessions.php"; return authenticate_user($link, "admin", null); } } diff --git a/login_form.php b/login_form.php index 0ecf3cc12..7ee53eb90 100644 --- a/login_form.php +++ b/login_form.php @@ -50,10 +50,10 @@ window.onload = init; <td align="right"><input name="login"></td></tr> <tr><td align="right">Password:</td> <td align="right"><input type="password" name="password"></td></tr> - <tr><td colspan="2"> + <!-- <tr><td colspan="2"> <input type="checkbox" name="remember_me" id="remember_me"> <label for="remember_me">Remember me on this computer</label> - </td></tr> + </td></tr> --> <tr><td colspan="2" align="right" class="innerLoginCell"> <input type="submit" class="button" value="Login"> <input type="hidden" name="action" value="login"> @@ -1,6 +1,6 @@ <?php require_once "functions.php"; -// require_once "sessions.php"; + require_once "sessions.php"; require_once "sanity_check.php"; require_once "version.php"; require_once "config.php"; @@ -12,6 +12,10 @@ $dt_add = get_script_dt_add(); + header("Cache-Control: no-cache, max-age=0, must-revalidate"); + header("Pragma: no-cache"); + header("Expires: " . gmdate("D, d M Y H:i:s", time()) . " GMT"); + ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> diff --git a/sessions.php b/sessions.php index e13562628..608323a43 100644 --- a/sessions.php +++ b/sessions.php @@ -95,7 +95,7 @@ session_set_save_handler("open", "close", "read", "write", "destroy", "gc"); } -// session_set_cookie_params(SESSION_COOKIE_LIFETIME_REMEMBER); + session_set_cookie_params(SESSION_COOKIE_LIFETIME); session_start(); ?> diff --git a/tt-rss.php b/tt-rss.php index f39396eca..ab850f2f4 100644 --- a/tt-rss.php +++ b/tt-rss.php 
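Review bot: The two commented-out debug statements added ahead of the `$_SESSION["uid"]` check in functions.php, `// print session_id();` and `// print_r($_SESSION);`, should not be committed. If they were ever re-enabled they would write the session id and the session contents into the page sent to the client. Remove them, or route such diagnostics to a server-side log instead. The enclosing function begins outside the hunk.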
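Review bot: In sessions.php, `session_set_cookie_params(SESSION_COOKIE_LIFETIME);` sets only the lifetime, so the session cookie is issued without the HttpOnly or Secure attributes unless php.ini supplies them. Now that tt-rss.php and (apparently) prefs.php include this file unconditionally, every visitor gets that cookie, so it is worth setting the flags here before `session_start()`, e.g. `ini_set("session.cookie_httponly", 1);`, plus `ini_set("session.cookie_secure", 1);` when the site is served over HTTPS. A one-line comment saying the remember-me lifetime was dropped on purpose would also help, since `SESSION_COOKIE_LIFETIME_REMEMBER` is no longer referenced in the visible hunks.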
@@ -1,6 +1,6 @@ <?php require_once "functions.php"; -// require_once "sessions.php"; + require_once "sessions.php"; require_once "sanity_check.php"; require_once "version.php"; require_once "config.php"; @@ -12,6 +12,10 @@ $dt_add = get_script_dt_add(); + header("Cache-Control: no-cache, max-age=0, must-revalidate"); + header("Pragma: no-cache"); + header("Expires: " . gmdate("D, d M Y H:i:s", time()) . " GMT"); + ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> |