diff options
| author | VirtualTam <virtualtam@flibidi.net> | 2018-04-18 23:09:45 +0200 |
|---|---|---|
| committer | VirtualTam <virtualtam@flibidi.net> | 2018-06-02 16:46:06 +0200 |
| commit | 847420847455c1339f3302b1b67568ee0f382a11 (patch) | |
| tree | b84194d0f048d12357479c57d16eff40263e8a03 /index.php | |
| parent | c7721487b2459e6760cae9d6292b7d39c306d3d6 (diff) | |
| download | Shaarli-847420847455c1339f3302b1b67568ee0f382a11.tar.gz Shaarli-847420847455c1339f3302b1b67568ee0f382a11.tar.zst Shaarli-847420847455c1339f3302b1b67568ee0f382a11.zip | |
Pass the client IP ID to LoginManager
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
Diffstat (limited to 'index.php')
| -rw-r--r-- | index.php | 5 |
1 files changed, 3 insertions, 2 deletions
| @@ -123,6 +123,7 @@ if (isset($_COOKIE['shaarli']) && !SessionManager::checkId($_COOKIE['shaarli'])) | |||
| 123 | $conf = new ConfigManager(); | 123 | $conf = new ConfigManager(); |
| 124 | $sessionManager = new SessionManager($_SESSION, $conf); | 124 | $sessionManager = new SessionManager($_SESSION, $conf); |
| 125 | $loginManager = new LoginManager($GLOBALS, $conf, $sessionManager); | 125 | $loginManager = new LoginManager($GLOBALS, $conf, $sessionManager); |
| 126 | $clientIpId = client_ip_id($_SERVER); | ||
| 126 | 127 | ||
| 127 | // LC_MESSAGES isn't defined without php-intl, in this case use LC_COLLATE locale instead. | 128 | // LC_MESSAGES isn't defined without php-intl, in this case use LC_COLLATE locale instead. |
| 128 | if (! defined('LC_MESSAGES')) { | 129 | if (! defined('LC_MESSAGES')) { |
| @@ -178,7 +179,7 @@ if (! is_file($conf->getConfigFileExt())) { | |||
| 178 | // a token depending of deployment salt, user password, and the current ip | 179 | // a token depending of deployment salt, user password, and the current ip |
| 179 | define('STAY_SIGNED_IN_TOKEN', sha1($conf->get('credentials.hash') . $_SERVER['REMOTE_ADDR'] . $conf->get('credentials.salt'))); | 180 | define('STAY_SIGNED_IN_TOKEN', sha1($conf->get('credentials.hash') . $_SERVER['REMOTE_ADDR'] . $conf->get('credentials.salt'))); |
| 180 | 181 | ||
| 181 | $loginManager->checkLoginState($_SERVER, $_SESSION, $_COOKIE, WEB_PATH, STAY_SIGNED_IN_TOKEN); | 182 | $loginManager->checkLoginState($_SESSION, $_COOKIE, WEB_PATH, $clientIpId, STAY_SIGNED_IN_TOKEN); |
| 182 | 183 | ||
| 183 | /** | 184 | /** |
| 184 | * Adapter function for PageBuilder | 185 | * Adapter function for PageBuilder |
| @@ -200,7 +201,7 @@ if (isset($_POST['login'])) { | |||
| 200 | } | 201 | } |
| 201 | if (isset($_POST['password']) | 202 | if (isset($_POST['password']) |
| 202 | && $sessionManager->checkToken($_POST['token']) | 203 | && $sessionManager->checkToken($_POST['token']) |
| 203 | && $loginManager->checkCredentials($_SERVER, $_POST['login'], $_POST['password']) | 204 | && $loginManager->checkCredentials($_SERVER['REMOTE_ADDR'], $clientIpId, $_POST['login'], $_POST['password']) |
| 204 | ) { | 205 | ) { |
| 205 | // Login/password is OK. | 206 | // Login/password is OK. |
| 206 | $loginManager->handleSuccessfulLogin($_SERVER); | 207 | $loginManager->handleSuccessfulLogin($_SERVER); |