diff options
author | Dmitry Sandalov <dmitry@sandalov.org> | 2013-12-21 23:39:45 +0400 |
---|---|---|
committer | Dmitry Sandalov <dmitry@sandalov.org> | 2013-12-21 23:39:45 +0400 |
commit | a0aa150418b628b32b18c70436d6be495129ee38 (patch) | |
tree | dfde1480ced98e78ed2d3e007e7bbd2f87be5a8f /inc | |
parent | 5c8d438c08f12e20e237e0c9a9ea9cb63b58fa1d (diff) | |
download | wallabag-a0aa150418b628b32b18c70436d6be495129ee38.tar.gz wallabag-a0aa150418b628b32b18c70436d6be495129ee38.tar.zst wallabag-a0aa150418b628b32b18c70436d6be495129ee38.zip |
fix for long lasting session
Diffstat (limited to 'inc')
-rw-r--r-- | inc/3rdparty/Session.class.php | 11 | ||||
-rw-r--r-- | inc/poche/Poche.class.php | 3 |
2 files changed, 11 insertions, 3 deletions
diff --git a/inc/3rdparty/Session.class.php b/inc/3rdparty/Session.class.php index df913a06..32624559 100644 --- a/inc/3rdparty/Session.class.php +++ b/inc/3rdparty/Session.class.php | |||
@@ -32,6 +32,8 @@ class Session | |||
32 | // If the user does not access any page within this time, | 32 | // If the user does not access any page within this time, |
33 | // his/her session is considered expired (3600 sec. = 1 hour) | 33 | // his/her session is considered expired (3600 sec. = 1 hour) |
34 | public static $inactivityTimeout = 3600; | 34 | public static $inactivityTimeout = 3600; |
35 | // Extra timeout for long sessions (if enabled) (82800 sec. = 23 hours) | ||
36 | public static $longSessionTimeout = 82800; | ||
35 | // If you get disconnected often or if your IP address changes often. | 37 | // If you get disconnected often or if your IP address changes often. |
36 | // Let you disable session cookie hijacking protection | 38 | // Let you disable session cookie hijacking protection |
37 | public static $disableSessionProtection = false; | 39 | public static $disableSessionProtection = false; |
@@ -106,6 +108,7 @@ class Session | |||
106 | $password, | 108 | $password, |
107 | $loginTest, | 109 | $loginTest, |
108 | $passwordTest, | 110 | $passwordTest, |
111 | $longlastingsession, | ||
109 | $pValues = array()) | 112 | $pValues = array()) |
110 | { | 113 | { |
111 | self::banInit(); | 114 | self::banInit(); |
@@ -118,7 +121,11 @@ class Session | |||
118 | $_SESSION['username'] = $login; | 121 | $_SESSION['username'] = $login; |
119 | // Set session expiration. | 122 | // Set session expiration. |
120 | $_SESSION['expires_on'] = time() + self::$inactivityTimeout; | 123 | $_SESSION['expires_on'] = time() + self::$inactivityTimeout; |
121 | 124 | if ($longlastingsession) { | |
125 | $_SESSION['longlastingsession'] = self::$longSessionTimeout; | ||
126 | $_SESSION['expires_on'] += $_SESSION['longlastingsession']; | ||
127 | } | ||
128 | |||
122 | foreach ($pValues as $key => $value) { | 129 | foreach ($pValues as $key => $value) { |
123 | $_SESSION[$key] = $value; | 130 | $_SESSION[$key] = $value; |
124 | } | 131 | } |
@@ -136,7 +143,7 @@ class Session | |||
136 | */ | 143 | */ |
137 | public static function logout() | 144 | public static function logout() |
138 | { | 145 | { |
139 | unset($_SESSION['uid'],$_SESSION['ip'],$_SESSION['expires_on'],$_SESSION['tokens'], $_SESSION['login'], $_SESSION['pass'], $_SESSION['poche_user']); | 146 | unset($_SESSION['uid'],$_SESSION['ip'],$_SESSION['expires_on'],$_SESSION['tokens'], $_SESSION['login'], $_SESSION['pass'], $_SESSION['longlastingsession'], $_SESSION['poche_user']); |
140 | } | 147 | } |
141 | 148 | ||
142 | /** | 149 | /** |
diff --git a/inc/poche/Poche.class.php b/inc/poche/Poche.class.php index d415dd03..adec9b28 100644 --- a/inc/poche/Poche.class.php +++ b/inc/poche/Poche.class.php | |||
@@ -678,7 +678,8 @@ class Poche | |||
678 | $user = $this->store->login($login, Tools::encodeString($password . $login)); | 678 | $user = $this->store->login($login, Tools::encodeString($password . $login)); |
679 | if ($user != array()) { | 679 | if ($user != array()) { |
680 | # Save login into Session | 680 | # Save login into Session |
681 | Session::login($user['username'], $user['password'], $login, Tools::encodeString($password . $login), array('poche_user' => new User($user))); | 681 | $longlastingsession = isset($_POST['longlastingsession']); |
682 | Session::login($user['username'], $user['password'], $login, Tools::encodeString($password . $login), $longlastingsession, array('poche_user' => new User($user))); | ||
682 | $this->messages->add('s', _('welcome to your poche')); | 683 | $this->messages->add('s', _('welcome to your poche')); |
683 | Tools::logm('login successful'); | 684 | Tools::logm('login successful'); |
684 | Tools::redirect($referer); | 685 | Tools::redirect($referer); |