diff options
| author | Andrew Dolgov <[email protected]> | 2018-10-16 11:39:12 +0300 |
|---|---|---|
| committer | Andrew Dolgov <[email protected]> | 2018-10-16 11:39:12 +0300 |
| commit | f8fc1ac54314dbd22c8673beb15d16780a0fc4c7 (patch) | |
| tree | a767c78a7226d56e547f5bccfd9000b409aa2842 /classes/handler/public.php | |
| parent | f730d7bb0ac691153eacd80844bb530dca04e3cc (diff) | |
login: check for stale session in login handler, instead of authenticate_user()
Diffstat (limited to 'classes/handler/public.php')
| -rwxr-xr-x | classes/handler/public.php | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/classes/handler/public.php b/classes/handler/public.php index de9c9684a..38a8d749b 100755 --- a/classes/handler/public.php +++ b/classes/handler/public.php @@ -465,6 +465,14 @@ class Handler_Public extends Handler { function login() { if (!SINGLE_USER_MODE) { + /* if a session is started here there's a stale login cookie we need to clean */ + + if (session_status() != PHP_SESSION_NONE) { + $_SESSION["login_error_msg"] = __("Stale session cookie found, try logging in again"); + + header("Location: " . get_self_url_prefix()); + exit; + } $login = clean($_POST["login"]); $password = clean($_POST["password"]); |