diff options
Diffstat (limited to 'index.php')
| -rw-r--r-- | index.php | 12 |
1 files changed, 5 insertions, 7 deletions
| @@ -123,6 +123,7 @@ if (isset($_COOKIE['shaarli']) && !SessionManager::checkId($_COOKIE['shaarli'])) | |||
| 123 | $conf = new ConfigManager(); | 123 | $conf = new ConfigManager(); |
| 124 | $sessionManager = new SessionManager($_SESSION, $conf); | 124 | $sessionManager = new SessionManager($_SESSION, $conf); |
| 125 | $loginManager = new LoginManager($GLOBALS, $conf, $sessionManager); | 125 | $loginManager = new LoginManager($GLOBALS, $conf, $sessionManager); |
| 126 | $loginManager->generateStaySignedInToken($_SERVER['REMOTE_ADDR']); | ||
| 126 | $clientIpId = client_ip_id($_SERVER); | 127 | $clientIpId = client_ip_id($_SERVER); |
| 127 | 128 | ||
| 128 | // LC_MESSAGES isn't defined without php-intl, in this case use LC_COLLATE locale instead. | 129 | // LC_MESSAGES isn't defined without php-intl, in this case use LC_COLLATE locale instead. |
| @@ -176,10 +177,7 @@ if (! is_file($conf->getConfigFileExt())) { | |||
| 176 | install($conf, $sessionManager); | 177 | install($conf, $sessionManager); |
| 177 | } | 178 | } |
| 178 | 179 | ||
| 179 | // a token depending of deployment salt, user password, and the current ip | 180 | $loginManager->checkLoginState($_COOKIE, $clientIpId); |
| 180 | define('STAY_SIGNED_IN_TOKEN', sha1($conf->get('credentials.hash') . $_SERVER['REMOTE_ADDR'] . $conf->get('credentials.salt'))); | ||
| 181 | |||
| 182 | $loginManager->checkLoginState($_COOKIE, $clientIpId, STAY_SIGNED_IN_TOKEN); | ||
| 183 | 181 | ||
| 184 | /** | 182 | /** |
| 185 | * Adapter function to ensure compatibility with third-party templates | 183 | * Adapter function to ensure compatibility with third-party templates |
| @@ -219,8 +217,8 @@ if (isset($_POST['login'])) { | |||
| 219 | $expirationTime = $sessionManager->extendSession(); | 217 | $expirationTime = $sessionManager->extendSession(); |
| 220 | 218 | ||
| 221 | setcookie( | 219 | setcookie( |
| 222 | $sessionManager::$LOGGED_IN_COOKIE, | 220 | $loginManager::$STAY_SIGNED_IN_COOKIE, |
| 223 | STAY_SIGNED_IN_TOKEN, | 221 | $loginManager->getStaySignedInToken(), |
| 224 | $expirationTime, | 222 | $expirationTime, |
| 225 | WEB_PATH | 223 | WEB_PATH |
| 226 | ); | 224 | ); |
| @@ -595,7 +593,7 @@ function renderPage($conf, $pluginManager, $LINKSDB, $history, $sessionManager, | |||
| 595 | { | 593 | { |
| 596 | invalidateCaches($conf->get('resource.page_cache')); | 594 | invalidateCaches($conf->get('resource.page_cache')); |
| 597 | $sessionManager->logout(); | 595 | $sessionManager->logout(); |
| 598 | setcookie(SessionManager::$LOGGED_IN_COOKIE, 'false', 0, WEB_PATH); | 596 | setcookie(LoginManager::$STAY_SIGNED_IN_COOKIE, 'false', 0, WEB_PATH); |
| 599 | header('Location: ?'); | 597 | header('Location: ?'); |
| 600 | exit; | 598 | exit; |
| 601 | } | 599 | } |