1
1
Fork 0

add ability to remember logged in user after browser closes

This commit is contained in:
Zach Prezkuta 2012-11-07 18:59:30 -07:00
parent cbbd68563b
commit e116712bf5
6 changed files with 41 additions and 1 deletions

View file

@ -947,6 +947,7 @@ if(! function_exists('login')) {
'$lname' => array('username', t('Nickname or Email address: ') , '', ''),
'$lpassword' => array('password', t('Password: '), '', ''),
'$lremember' => array('remember', t('Remember me'), 0, ''),
'$openid' => !$noid,
'$lopenid' => array('openid_url', t('Or login using OpenID: '),'',''),

View file

@ -162,6 +162,33 @@ else {
goaway(z_root());
}
// If the user specified to remember the authentication, then change the cookie
// to expire after one year (the default is when the browser is closed).
// If the user did not specify to remember, change the cookie to expire when the
// browser is closed. The reason this is necessary is because if the user
// specifies to remember, then logs out and logs back in without specifying to
// remember, the old "remember" cookie may remain and prevent the session from
// expiring when the browser is closed.
//
// It seems like I should be able to test for the old cookie, but for some reason when
// I read the lifetime value from session_get_cookie_params(), I always get '0'
// (i.e. expire when the browser is closed), even when there's a time expiration
// on the cookie
if($_POST['remember']) {
$old_sid = session_id();
session_set_cookie_params('31449600'); // one year
session_regenerate_id(false);
q("UPDATE session SET sid = '%s' WHERE sid = '%s'", dbesc(session_id()), dbesc($old_sid));
}
else {
$old_sid = session_id();
session_set_cookie_params('0');
session_regenerate_id(false);
q("UPDATE session SET sid = '%s' WHERE sid = '%s'", dbesc(session_id()), dbesc($old_sid));
}
// if we haven't failed up this point, log them in.
authenticate_success($record, true, true);

View file

@ -87,6 +87,10 @@ div.section-wrapper {
margin-left: 30px;
}
#div_id_remember {
margin-top: 10px;
}
#login_openid {
margin-top: 50px;
}

View file

@ -25,6 +25,8 @@
<input type="submit" name="submit" id="login-submit-button" value="$login" />
</div>
{{ inc field_checkbox.tpl with $field=$lremember }}{{ endinc }}
<br /><br />
<div class="login-extra-links">
{{ if $register }}<a href="register" title="$register.title" id="register-link">$register.desc</a>{{ endif }}

View file

@ -87,6 +87,10 @@ div.section-wrapper {
margin-left: 140px;
}
#div_id_remember {
margin-top: 10px;
}
/*.openid input {*/
#id_openid_url, .openid input {
background: url(login-bg.gif) no-repeat;

View file

@ -25,7 +25,9 @@
<input type="submit" name="submit" id="login-submit-button" value="$login" />
</div>
<br /><br /><br /><br />
{{ inc field_checkbox.tpl with $field=$lremember }}{{ endinc }}
<br /><br /><br />
<div class="login-extra-links">
{{ if $register }}<a href="register" title="$register.title" id="register-link">$register.desc</a>{{ endif }}
<a href="lostpass" title="$lostpass" id="lost-password-link" >$lostlink</a>