add ability to remember logged in user after browser closes
This commit is contained in:
parent
cbbd68563b
commit
e116712bf5
6 changed files with 41 additions and 1 deletions
1
boot.php
1
boot.php
|
@ -947,6 +947,7 @@ if(! function_exists('login')) {
|
|||
|
||||
'$lname' => array('username', t('Nickname or Email address: ') , '', ''),
|
||||
'$lpassword' => array('password', t('Password: '), '', ''),
|
||||
'$lremember' => array('remember', t('Remember me'), 0, ''),
|
||||
|
||||
'$openid' => !$noid,
|
||||
'$lopenid' => array('openid_url', t('Or login using OpenID: '),'',''),
|
||||
|
|
|
@ -162,6 +162,33 @@ else {
|
|||
goaway(z_root());
|
||||
}
|
||||
|
||||
// If the user specified to remember the authentication, then change the cookie
|
||||
// to expire after one year (the default is when the browser is closed).
|
||||
// If the user did not specify to remember, change the cookie to expire when the
|
||||
// browser is closed. The reason this is necessary is because if the user
|
||||
// specifies to remember, then logs out and logs back in without specifying to
|
||||
// remember, the old "remember" cookie may remain and prevent the session from
|
||||
// expiring when the browser is closed.
|
||||
//
|
||||
// It seems like I should be able to test for the old cookie, but for some reason when
|
||||
// I read the lifetime value from session_get_cookie_params(), I always get '0'
|
||||
// (i.e. expire when the browser is closed), even when there's a time expiration
|
||||
// on the cookie
|
||||
if($_POST['remember']) {
|
||||
$old_sid = session_id();
|
||||
session_set_cookie_params('31449600'); // one year
|
||||
session_regenerate_id(false);
|
||||
|
||||
q("UPDATE session SET sid = '%s' WHERE sid = '%s'", dbesc(session_id()), dbesc($old_sid));
|
||||
}
|
||||
else {
|
||||
$old_sid = session_id();
|
||||
session_set_cookie_params('0');
|
||||
session_regenerate_id(false);
|
||||
|
||||
q("UPDATE session SET sid = '%s' WHERE sid = '%s'", dbesc(session_id()), dbesc($old_sid));
|
||||
}
|
||||
|
||||
// if we haven't failed up this point, log them in.
|
||||
|
||||
authenticate_success($record, true, true);
|
||||
|
|
|
@ -87,6 +87,10 @@ div.section-wrapper {
|
|||
margin-left: 30px;
|
||||
}
|
||||
|
||||
#div_id_remember {
|
||||
margin-top: 10px;
|
||||
}
|
||||
|
||||
#login_openid {
|
||||
margin-top: 50px;
|
||||
}
|
||||
|
|
|
@ -25,6 +25,8 @@
|
|||
<input type="submit" name="submit" id="login-submit-button" value="$login" />
|
||||
</div>
|
||||
|
||||
{{ inc field_checkbox.tpl with $field=$lremember }}{{ endinc }}
|
||||
|
||||
<br /><br />
|
||||
<div class="login-extra-links">
|
||||
{{ if $register }}<a href="register" title="$register.title" id="register-link">$register.desc</a>{{ endif }}
|
||||
|
|
|
@ -87,6 +87,10 @@ div.section-wrapper {
|
|||
margin-left: 140px;
|
||||
}
|
||||
|
||||
#div_id_remember {
|
||||
margin-top: 10px;
|
||||
}
|
||||
|
||||
/*.openid input {*/
|
||||
#id_openid_url, .openid input {
|
||||
background: url(login-bg.gif) no-repeat;
|
||||
|
|
|
@ -25,7 +25,9 @@
|
|||
<input type="submit" name="submit" id="login-submit-button" value="$login" />
|
||||
</div>
|
||||
|
||||
<br /><br /><br /><br />
|
||||
{{ inc field_checkbox.tpl with $field=$lremember }}{{ endinc }}
|
||||
|
||||
<br /><br /><br />
|
||||
<div class="login-extra-links">
|
||||
{{ if $register }}<a href="register" title="$register.title" id="register-link">$register.desc</a>{{ endif }}
|
||||
<a href="lostpass" title="$lostpass" id="lost-password-link" >$lostlink</a>
|
||||
|
|
Loading…
Reference in a new issue