From 46811db9c50eca0f5e51615ab9e2efee11ca2a2e Mon Sep 17 00:00:00 2001 From: Robert Sesek Date: Tue, 8 Feb 2005 17:16:21 +0000 Subject: [PATCH] r51: Made admin session cookie to be volatile. CP login will no longer "remember me". $_POST['goindex'] system cleaned up. --- login.php | 11 +++-------- 1 file changed, 3 insertions(+), 8 deletions(-) diff --git a/login.php b/login.php index e35da2a..c5fadbf 100755 --- a/login.php +++ b/login.php @@ -39,15 +39,10 @@ if ($_POST['do'] == 'login' OR $_POST['do'] == 'cplogin') if ($_POST['cplogin']) { - $vars['rememberme'] = 1; + $vars['rememberme'] = 0; } - if ($_POST['goindex']) - { - $_SERVER['HTTP_REFERER'] = ''; - } - - if ($_SERVER['HTTP_REFERER']) + if ($_SERVER['HTTP_REFERER'] AND !$_POST['goindex']) { $url = $_SERVER['HTTP_REFERER']; } @@ -72,7 +67,7 @@ if ($_POST['do'] == 'login' OR $_POST['do'] == 'cplogin') if ($_POST['do'] == 'cplogin') { - mysetcookie(COOKIE_PREFIX . 'adminsession', md5(md5($userinfo['authkey']) . md5($userinfo['email']) . md5($userinfo['userid']))); + mysetcookie(COOKIE_PREFIX . 'adminsession', md5(md5($userinfo['authkey']) . md5($userinfo['email']) . md5($userinfo['userid'])), false); } echo 'You are now logged in :-)'; -- 2.43.5