diff options
| -rw-r--r-- | config.php-dist | 6 | ||||
| -rw-r--r-- | functions.php | 5 | ||||
| -rw-r--r-- | login.php | 16 | ||||
| -rw-r--r-- | sessions.php | 2 |
4 files changed, 24 insertions, 5 deletions
diff --git a/config.php-dist b/config.php-dist index b61313183..7787727b0 100644 --- a/config.php-dist +++ b/config.php-dist @@ -108,7 +108,11 @@ // Bind sessions to specific IP address (requires DATABASE_BACKED_SESSIONS) define('SESSION_COOKIE_LIFETIME', 0); - // In seconds, 0 means delete on browser close + // Default lifetime of a session cookie. In seconds, + // 0 means delete on browser close + + define('SESSION_COOKIE_LIFETIME_REMEMBER', 3600); + // Session cookie lifetime if "remember me" is checked on login. // vim:ft=php ?> diff --git a/functions.php b/functions.php index 8822cb35e..acbc3d31e 100644 --- a/functions.php +++ b/functions.php @@ -802,7 +802,10 @@ } function logout_user() { - session_destroy(); + session_destroy(); + if (isset($_COOKIE[session_name()])) { + setcookie(session_name(), '', time()-42000, '/'); + } } function get_script_urlpath() { @@ -1,5 +1,5 @@ <? - require_once "sessions.php"; +// require_once "sessions.php"; require_once "sanity_check.php"; require_once "version.php"; @@ -20,6 +20,15 @@ $password = $_POST["password"]; if ($login && $password) { + + if ($_POST["remember_me"]) { + session_set_cookie_params(SESSION_COOKIE_LIFETIME_REMEMBER); + } else { + session_set_cookie_params(SESSION_COOKIE_LIFETIME); + } + + require "sessions.php"; + if (authenticate_user($link, $login, $password)) { initialize_user_prefs($link, $_SESSION["uid"]); @@ -65,7 +74,10 @@ <td><input name="login"></td></tr> <tr><td align="right">Password:</td> <td><input type="password" name="password"></td></tr> - + <tr><td> </td><td> + <input type="checkbox" name="remember_me" id="remember_me"> + <label for="remember_me">Remember me</label> + </td></tr> <tr><td colspan="2" align="center"> <input type="submit" class="button" value="Login"> </td></tr> diff --git a/sessions.php b/sessions.php index 42877ffec..8d46f3f56 100644 --- a/sessions.php +++ b/sessions.php @@ -107,7 +107,7 @@ db_query($session_connection, $query); } - session_set_cookie_params(SESSION_COOKIE_LIFETIME); +// session_set_cookie_params(SESSION_COOKIE_LIFETIME); if (DATABASE_BACKED_SESSIONS) { session_set_save_handler("open", "close", "read", "write", "destroy", "gc"); |