-function nuke_session() {
- unset($_SESSION['authenticated']);
- unset($_SESSION['uid']);
- unset($_SESSION['visitor_id']);
- unset($_SESSION['administrator']);
- unset($_SESSION['cid']);
- unset($_SESSION['theme']);
- unset($_SESSION['mobile-theme']);
- unset($_SESSION['page_flags']);
- unset($_SESSION['submanage']);
- unset($_SESSION['my_url']);
- unset($_SESSION['my_address']);
- unset($_SESSION['addr']);
- unset($_SESSION['return_url']);
-}
+ if ($r) {
+ if ($data->hash != cookie_hash($r[0])) {
+ logger("Hash for user ".$data->uid." doesn't fit.");
+ nuke_session();
+ goaway(z_root());
+ }
+
+ // Renew the cookie
+ // Expires after 7 days by default,
+ // can be set via system.auth_cookie_lifetime
+ $authcookiedays = Config::get('system', 'auth_cookie_lifetime', 7);
+ new_cookie($authcookiedays*24*60*60, $r[0]);