login system fixes (4)
This commit is contained in:
Andrew Dolgov
parent
a885f0ec2a
commit
c12510cd4d
|
|
@ -1191,7 +1191,7 @@
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if ($_COOKIE["ttrss_sid"]) {
|
if ($_COOKIE[get_session_cookie_name()]) {
|
||||||
require_once "sessions.php";
|
require_once "sessions.php";
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -1204,7 +1204,7 @@
|
||||||
$login_action = $_POST["login_action"];
|
$login_action = $_POST["login_action"];
|
||||||
|
|
||||||
# try to authenticate user if called from login form
|
# try to authenticate user if called from login form
|
||||||
if ($login_action == "do_login") {
|
if ($login_action == "do_login" && !$_SESSION["uid"]) {
|
||||||
$login = $_POST["login"];
|
$login = $_POST["login"];
|
||||||
$password = $_POST["password"];
|
$password = $_POST["password"];
|
||||||
$remember_me = $_POST["remember_me"];
|
$remember_me = $_POST["remember_me"];
|
||||||
|
|
@ -1217,6 +1217,8 @@
|
||||||
|
|
||||||
require_once "sessions.php";
|
require_once "sessions.php";
|
||||||
|
|
||||||
|
session_regenerate_id();
|
||||||
|
|
||||||
if (authenticate_user($link, $login, $password)) {
|
if (authenticate_user($link, $login, $password)) {
|
||||||
$_POST["password"] = "";
|
$_POST["password"] = "";
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue