From 074d772f361c54adb4595ea0128745f8d0ea6a6f Mon Sep 17 00:00:00 2001 From: Robert Sesek Date: Thu, 24 Nov 2005 02:21:08 +0000 Subject: [PATCH] r573: Make the admin session hourly-dependent by including a date hash --- admin/global.php | 4 ++-- login.php | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/admin/global.php b/admin/global.php index aa671ba..86895a9 100755 --- a/admin/global.php +++ b/admin/global.php @@ -80,7 +80,7 @@ if ($_COOKIE[COOKIE_PREFIX . 'adminsession']) { if (can_perform('canadminpanel')) { - if (md5(md5($bugsys->userinfo['authkey']) . md5($bugsys->userinfo['email']) . md5($bugsys->userinfo['userid'])) != $_COOKIE[COOKIE_PREFIX . 'adminsession']) + if (md5(md5($bugsys->userinfo['authkey']) . md5(gmdate('F j, Y @ H'))) != $_COOKIE[COOKIE_PREFIX . 'adminsession']) { $funct->cookie(COOKIE_PREFIX . 'adminsession', ''); $admin->error($lang->string('Invalid admin session has been terminated.')); @@ -88,7 +88,7 @@ if ($_COOKIE[COOKIE_PREFIX . 'adminsession']) else { // renew the cookie - $funct->cookie(COOKIE_PREFIX . 'adminsession', md5(md5($bugsys->userinfo['authkey']) . md5($bugsys->userinfo['email']) . md5($bugsys->userinfo['userid'])), false); + $funct->cookie(COOKIE_PREFIX . 'adminsession', md5(md5($bugsys->userinfo['authkey']) . md5(gmdate('F j, Y @ H'))), false); $bugsys->userinfo['adminsession'] = true; } } diff --git a/login.php b/login.php index 123aa46..b2e9240 100755 --- a/login.php +++ b/login.php @@ -64,7 +64,7 @@ if ($_POST['do'] == 'login' OR $_POST['do'] == 'cplogin') if ($_POST['do'] == 'cplogin') { - $funct->cookie(COOKIE_PREFIX . 'adminsession', md5(md5($userinfo['authkey']) . md5($userinfo['email']) . md5($userinfo['userid'])), false); + $funct->cookie(COOKIE_PREFIX . 'adminsession', md5(md5($userinfo['authkey']) . md5(gmdate('F j, Y @ H'))), false); } } else -- 2.22.5