diff options
Diffstat (limited to 'classes/handler/public.php')
-rwxr-xr-x | classes/handler/public.php | 23 |
1 files changed, 12 insertions, 11 deletions
diff --git a/classes/handler/public.php b/classes/handler/public.php index 42be6f713..e4572382e 100755 --- a/classes/handler/public.php +++ b/classes/handler/public.php @@ -40,7 +40,7 @@ class Handler_Public extends Handler { if (!$is_cat && is_numeric($feed) && $feed < PLUGIN_FEED_BASE_INDEX && $feed > LABEL_BASE_INDEX) { - $user_plugins = get_pref("_ENABLED_PLUGINS", $owner_uid); + $user_plugins = get_pref(Prefs::_ENABLED_PLUGINS, $owner_uid); $tmppluginhost = new PluginHost(); $tmppluginhost->load(Config::get(Config::PLUGINS), PluginHost::KIND_ALL); @@ -354,20 +354,22 @@ class Handler_Public extends Handler { $remember_me = clean($_POST["remember_me"] ?? false); $safe_mode = checkbox_to_sql_bool(clean($_POST["safe_mode"] ?? false)); - if ($remember_me) { - @session_set_cookie_params(Config::get(Config::SESSION_COOKIE_LIFETIME)); - } else { - @session_set_cookie_params(0); + if (session_status() != PHP_SESSION_ACTIVE) { + if ($remember_me) { + session_set_cookie_params(Config::get(Config::SESSION_COOKIE_LIFETIME)); + } else { + session_set_cookie_params(0); + } } if (UserHelper::authenticate($login, $password)) { $_POST["password"] = ""; if (get_schema_version() >= 120) { - $_SESSION["language"] = get_pref("USER_LANGUAGE", $_SESSION["uid"]); + $_SESSION["language"] = get_pref(Prefs::USER_LANGUAGE, $_SESSION["uid"]); } - $_SESSION["ref_schema_version"] = get_schema_version(true); + $_SESSION["ref_schema_version"] = get_schema_version(); $_SESSION["bw_limit"] = !!clean($_POST["bw_limit"] ?? false); $_SESSION["safe_mode"] = $safe_mode; @@ -388,12 +390,11 @@ class Handler_Public extends Handler { } else { // start an empty session to deliver login error message - @session_start(); + if (session_status() != PHP_SESSION_ACTIVE) + session_start(); if (!isset($_SESSION["login_error_msg"])) $_SESSION["login_error_msg"] = __("Incorrect username or password"); - - user_error("Failed login attempt for $login from " . UserHelper::get_user_ip(), E_USER_WARNING); } $return = clean($_REQUEST['return']); @@ -613,7 +614,7 @@ class Handler_Public extends Handler { function dbupdate() { startup_gettext(); - if (!Config::get(Config::SINGLE_USER_MODE) && $_SESSION["access_level"] < 10) { + if (!Config::get(Config::SINGLE_USER_MODE) && ($_SESSION["access_level"] ?? 0) < 10) { $_SESSION["login_error_msg"] = __("Your access level is insufficient to run this script."); $this->_render_login_form(); exit; |