diff options
Diffstat (limited to 'application/security')
-rw-r--r-- | application/security/LoginManager.php | 9 |
1 files changed, 4 insertions, 5 deletions
diff --git a/application/security/LoginManager.php b/application/security/LoginManager.php index 41fa9a20..4946850b 100644 --- a/application/security/LoginManager.php +++ b/application/security/LoginManager.php | |||
@@ -46,7 +46,7 @@ class LoginManager | |||
46 | $this->sessionManager = $sessionManager; | 46 | $this->sessionManager = $sessionManager; |
47 | $this->banFile = $this->configManager->get('resource.ban_file', 'data/ipbans.php'); | 47 | $this->banFile = $this->configManager->get('resource.ban_file', 'data/ipbans.php'); |
48 | $this->readBanFile(); | 48 | $this->readBanFile(); |
49 | if ($this->configManager->get('security.open_shaarli')) { | 49 | if ($this->configManager->get('security.open_shaarli') === true) { |
50 | $this->openShaarli = true; | 50 | $this->openShaarli = true; |
51 | } | 51 | } |
52 | } | 52 | } |
@@ -80,8 +80,6 @@ class LoginManager | |||
80 | * | 80 | * |
81 | * @param array $cookie The $_COOKIE array | 81 | * @param array $cookie The $_COOKIE array |
82 | * @param string $clientIpId Client IP address identifier | 82 | * @param string $clientIpId Client IP address identifier |
83 | * | ||
84 | * @return bool true if the user session is valid, false otherwise | ||
85 | */ | 83 | */ |
86 | public function checkLoginState($cookie, $clientIpId) | 84 | public function checkLoginState($cookie, $clientIpId) |
87 | { | 85 | { |
@@ -94,11 +92,12 @@ class LoginManager | |||
94 | if (isset($cookie[self::$STAY_SIGNED_IN_COOKIE]) | 92 | if (isset($cookie[self::$STAY_SIGNED_IN_COOKIE]) |
95 | && $cookie[self::$STAY_SIGNED_IN_COOKIE] === $this->staySignedInToken | 93 | && $cookie[self::$STAY_SIGNED_IN_COOKIE] === $this->staySignedInToken |
96 | ) { | 94 | ) { |
95 | // The user client has a valid stay-signed-in cookie | ||
96 | // Session information is updated with the current client information | ||
97 | $this->sessionManager->storeLoginInfo($clientIpId); | 97 | $this->sessionManager->storeLoginInfo($clientIpId); |
98 | $this->isLoggedIn = true; | 98 | $this->isLoggedIn = true; |
99 | } | ||
100 | 99 | ||
101 | if ($this->sessionManager->hasSessionExpired() | 100 | } elseif ($this->sessionManager->hasSessionExpired() |
102 | || $this->sessionManager->hasClientIpChanged($clientIpId) | 101 | || $this->sessionManager->hasClientIpChanged($clientIpId) |
103 | ) { | 102 | ) { |
104 | $this->sessionManager->logout(); | 103 | $this->sessionManager->logout(); |