From ef4ef4ba72eb05b22b37a1ce7e5ec8adeec8d986 Mon Sep 17 00:00:00 2001 From: Robert Sesek Date: Sat, 14 May 2005 20:41:01 +0000 Subject: [PATCH] r130: Fixed the issue where if you signed in with remember me, logged into the admin panel, the cookies would be overwritten and you'd be logged out whenever the admin session expired. --- login.php | 24 ++++++++++++++++-------- 1 file changed, 16 insertions(+), 8 deletions(-) diff --git a/login.php b/login.php index da05e59..776b87a 100755 --- a/login.php +++ b/login.php @@ -53,21 +53,28 @@ if ($_POST['do'] == 'login' OR $_POST['do'] == 'cplogin') $userinfo = $db->query_first("SELECT * FROM user WHERE email = '" . $bugsys->in['email'] . "'"); if (md5(md5($bugsys->in['password']) . md5($userinfo['salt'])) == $userinfo['password']) { - $funct->cookie(COOKIE_PREFIX . 'userid', $userinfo['userid'], $keeplogin); - $funct->cookie(COOKIE_PREFIX . 'authkey', $userinfo['authkey'], $keeplogin); + if (!$bugsys->userinfo['userid']) + { + $funct->cookie(COOKIE_PREFIX . 'userid', $userinfo['userid'], $keeplogin); + $funct->cookie(COOKIE_PREFIX . 'authkey', $userinfo['authkey'], $keeplogin); + } + + if ($_POST['do'] == 'cplogin') + { + $funct->cookie(COOKIE_PREFIX . 'adminsession', md5(md5($userinfo['authkey']) . md5($userinfo['email']) . md5($userinfo['userid'])), false); + } } else { - $funct->cookie(COOKIE_PREFIX . 'userid'); - $funct->cookie(COOKIE_PREFIX . 'authkey'); + if (!$bugsys->userinfo['userid']) + { + $funct->cookie(COOKIE_PREFIX . 'userid'); + $funct->cookie(COOKIE_PREFIX . 'authkey'); + } echo 'Invalid email or password.'; exit; } - if ($_POST['do'] == 'cplogin') - { - $funct->cookie(COOKIE_PREFIX . 'adminsession', md5(md5($userinfo['authkey']) . md5($userinfo['email']) . md5($userinfo['userid'])), false); - } echo 'You are now logged in :-)'; @@ -82,6 +89,7 @@ if ($_REQUEST['do'] == 'logout') { $funct->cookie(COOKIE_PREFIX . 'userid'); $funct->cookie(COOKIE_PREFIX . 'authkey'); + $funct->cookie(COOKIE_PREFIX . 'adminsession'); } else { -- 2.22.5