X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;ds=sidebyside;f=include%2Fsecurity.php;h=05371f71ca55d1a44559480ffc2c350197cc3add;hb=47fd9226c3f0b90f460fe2031fa46cbb49a87100;hp=11a2955b4c3e27f507dc76fea5b6a3f6855f9098;hpb=60adf67f1392950b0aba3c589bed65c66058426d;p=friendica.git diff --git a/include/security.php b/include/security.php index 11a2955b4c..05371f71ca 100644 --- a/include/security.php +++ b/include/security.php @@ -1,5 +1,44 @@ $user["uid"], + "hash" => cookie_hash($user), + "ip" => $_SERVER['REMOTE_ADDR'])); + } + else { + $value = ""; + } + + setcookie("Friendica", $value, $time, "/", "", + (get_config('system', 'ssl_policy') == SSL_POLICY_FULL), true); + +} + function authenticate_success($user_record, $login_initial = false, $interactive = false, $login_refresh = false) { $a = get_app(); @@ -16,7 +55,7 @@ function authenticate_success($user_record, $login_initial = false, $interactive $a->user = $user_record; if($interactive) { - if($a->user['login_date'] <= NULL_DATE) { + if ($a->user['login_date'] <= NULL_DATE) { $_SESSION['return_url'] = 'profile_photo/new'; $a->module = 'profile_photo'; info( t("Welcome ") . $a->user['username'] . EOL); @@ -94,6 +133,21 @@ function authenticate_success($user_record, $login_initial = false, $interactive } + + if ($login_initial) { + // If the user specified to remember the authentication, then set a cookie + // that expires after one week (the default is when the browser is closed). + // The cookie will be renewed automatically. + // The week ensures that sessions will expire after some inactivity. + if ($_SESSION['remember']) { + logger('Injecting cookie for remembered user '. $_SESSION['remember_user']['nickname']); + new_cookie(604800, $user_record); + unset($_SESSION['remember']); + } + } + + + if ($login_initial) { call_hooks('logged_in', $a->user);