diff options
| author | Andrew Dolgov <[email protected]> | 2007-03-01 14:33:29 +0100 |
|---|---|---|
| committer | Andrew Dolgov <[email protected]> | 2007-03-01 14:33:29 +0100 |
| commit | c12510cd4d26a1432c9e578063d98db80fff9fe1 (patch) | |
| tree | 19216139d619d6b577762a4ef358f43c2338793e /functions.php | |
| parent | a885f0ec2a4b20f9a0efb910815684422c15c945 (diff) | |
login system fixes (4)
Diffstat (limited to 'functions.php')
| -rw-r--r-- | functions.php | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/functions.php b/functions.php index ada1b7162..5f7565f73 100644 --- a/functions.php +++ b/functions.php @@ -1191,7 +1191,7 @@ } } - if ($_COOKIE["ttrss_sid"]) { + if ($_COOKIE[get_session_cookie_name()]) { require_once "sessions.php"; } @@ -1204,7 +1204,7 @@ $login_action = $_POST["login_action"]; # try to authenticate user if called from login form - if ($login_action == "do_login") { + if ($login_action == "do_login" && !$_SESSION["uid"]) { $login = $_POST["login"]; $password = $_POST["password"]; $remember_me = $_POST["remember_me"]; @@ -1217,6 +1217,8 @@ require_once "sessions.php"; + session_regenerate_id(); + if (authenticate_user($link, $login, $password)) { $_POST["password"] = ""; |