Diffstat (limited to 'classes/userhelper.php')
-rw-r--r-- | classes/userhelper.php | 24 |
1 files changed, 14 insertions, 10 deletions
diff --git a/classes/userhelper.php b/classes/userhelper.php index 82a2fe05f..ca673cf58 100644 --- a/classes/userhelper.php +++ b/classes/userhelper.php @@ -18,7 +18,9 @@ class UserHelper { if ($user_id && !$check_only) { - session_start(); + if (session_status() != PHP_SESSION_ACTIVE) + session_start(); + session_regenerate_id(true); $_SESSION["uid"] = $user_id; @@ -41,11 +43,12 @@ class UserHelper { $_SESSION["user_agent"] = sha1($_SERVER['HTTP_USER_AGENT']); $_SESSION["pwd_hash"] = $row["pwd_hash"]; - Pref_Prefs::_init_user_prefs($_SESSION["uid"]); - return true; } + if ($login && $password && !$user_id && !$check_only) + Logger::log(E_USER_WARNING, "Failed login attempt for $login (service: $service) from " . UserHelper::get_user_ip()); + return false; } else { @@ -64,8 +67,6 @@ class UserHelper { $_SESSION["ip_address"] = UserHelper::get_user_ip(); - Pref_Prefs::_init_user_prefs($_SESSION["uid"]); - return true; } } @@ -75,7 +76,7 @@ class UserHelper { if (!$pluginhost) $pluginhost = PluginHost::getInstance(); if ($owner_uid && SCHEMA_VERSION >= 100 && empty($_SESSION["safe_mode"])) { - $plugins = get_pref("_ENABLED_PLUGINS", $owner_uid); + $plugins = get_pref(Prefs::_ENABLED_PLUGINS, $owner_uid); $pluginhost->load((string)$plugins, PluginHost::KIND_USER, $owner_uid); @@ -89,17 +90,20 @@ class UserHelper { $pdo = Db::pdo(); if (Config::get(Config::SINGLE_USER_MODE)) { - @session_start(); + if (session_status() != PHP_SESSION_ACTIVE) + session_start(); + self::authenticate("admin", null); startup_gettext(); self::load_user_plugins($_SESSION["uid"]); } else { - if (!\Sessions\validate_session()) $_SESSION["uid"] = false; + if (!\Sessions\validate_session()) + $_SESSION["uid"] = null; if (empty($_SESSION["uid"])) { if (Config::get(Config::AUTH_AUTO_LOGIN) && self::authenticate(null, null)) { - $_SESSION["ref_schema_version"] = get_schema_version(true); + $_SESSION["ref_schema_version"] = get_schema_version(); } else { self::authenticate(null, null, true); } 
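Review bot: In the `@@ -18,7 +18,9 @@` hunk the results of `session_start()` and `session_regenerate_id(true)` are both ignored, so if regeneration fails the code goes on to write `$_SESSION["uid"]` under the pre-login session id. That is the fixation case the new call is meant to close. Consider failing the login instead, e.g. `if (!session_regenerate_id(true)) return false;`, assuming callers treat a false return as a failed login. The braceless `if` with a loose `!=` would read more safely as `if (session_status() !== PHP_SESSION_ACTIVE) { session_start(); }`. The enclosing method starts and ends outside the hunk.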
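Review bot: The failed-login message added in the `@@ -41,11 +43,12 @@` hunk interpolates `$login` unfiltered, so a submitted username containing line breaks or markup reaches whatever sink `Logger::log` writes to. A password typed into the login field by mistake would also end up stored in the log. Strip control characters and cap the length before logging, e.g. `$safe_login = substr(preg_replace('/[\x00-\x1f\x7f]/', '', (string)$login), 0, 64);`, and escape on output if the log is ever rendered as HTML; `$service` deserves the same treatment if it can come from the request. The guard `$login && $password` also leaves attempts with an empty password unlogged, which may be intended but is worth a comment. The enclosing method starts outside the hunk.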
@@ -127,7 +131,7 @@ class UserHelper { } static function print_user_stylesheet() { - $value = get_pref('USER_STYLESHEET'); + $value = get_pref(Prefs::USER_STYLESHEET); if ($value) { print "<style type='text/css' id='user_css_style'>"; |