add ability to remember logged in user after browser closes

diff --git a/boot.php b/boot.php
index addc0c107c8f730153b28dcfdbc81cd21e2ed9d3..9335a2fde6b7b14645874c1bb545344d41493aa2 100644 (file)
--- a/boot.php
+++ b/boot.php
@@ -947,6 +947,7 @@ if(! function_exists('login')) {
        
                        '$lname'                => array('username', t('Nickname or Email address: ') , '', ''),
                        '$lpassword'    => array('password', t('Password: '), '', ''),
+                       '$lremember'    => array('remember', t('Remember me'), 0, ''),
        
                        '$openid'               => !$noid,
                        '$lopenid'      => array('openid_url', t('Or login using OpenID: '),'',''),

diff --git a/include/auth.php b/include/auth.php
index 523de88ce9d839e404f63e2ca0b6ab8b8ec7a07b..1ddba7c880d46f72a64ebbe90d07237ecaabff70 100644 (file)
--- a/include/auth.php
+++ b/include/auth.php
@@ -162,6 +162,33 @@ else {
                        goaway(z_root());
                }
 
+               // If the user specified to remember the authentication, then change the cookie
+               // to expire after one year (the default is when the browser is closed).
+               // If the user did not specify to remember, change the cookie to expire when the
+               // browser is closed. The reason this is necessary is because if the user
+               // specifies to remember, then logs out and logs back in without specifying to
+               // remember, the old "remember" cookie may remain and prevent the session from
+               // expiring when the browser is closed.
+               //
+               // It seems like I should be able to test for the old cookie, but for some reason when
+               // I read the lifetime value from session_get_cookie_params(), I always get '0'
+               // (i.e. expire when the browser is closed), even when there's a time expiration
+               // on the cookie
+               if($_POST['remember']) {
+                       $old_sid = session_id();
+                       session_set_cookie_params('31449600'); // one year
+                       session_regenerate_id(false);
+
+                       q("UPDATE session SET sid = '%s' WHERE sid = '%s'", dbesc(session_id()), dbesc($old_sid));
+               }
+               else {
+                       $old_sid = session_id();
+                       session_set_cookie_params('0');
+                       session_regenerate_id(false);
+
+                       q("UPDATE session SET sid = '%s' WHERE sid = '%s'", dbesc(session_id()), dbesc($old_sid));
+               }
+
                // if we haven't failed up this point, log them in.
 
                authenticate_success($record, true, true);

diff --git a/view/theme/frost-mobile/login-style.css b/view/theme/frost-mobile/login-style.css
index 222da2db8b333d574a5b07bde04ea86a2dbb79a9..4ebf7d74023558cc58be91e85447dc00503740d4 100644 (file)
--- a/view/theme/frost-mobile/login-style.css
+++ b/view/theme/frost-mobile/login-style.css
@@ -87,6 +87,10 @@ div.section-wrapper {
        margin-left: 30px;
 }
 
+#div_id_remember {
+       margin-top: 10px;
+}
+
 #login_openid {
        margin-top: 50px;
 }

diff --git a/view/theme/frost-mobile/login.tpl b/view/theme/frost-mobile/login.tpl
index 246c04ffa1a10a562fef92dabacbe4240e3d0a1b..6946cc031b78be00912d5cb6d5804953b067ea4d 100644 (file)
--- a/view/theme/frost-mobile/login.tpl
+++ b/view/theme/frost-mobile/login.tpl
@@ -25,6 +25,8 @@
                <input type="submit" name="submit" id="login-submit-button" value="$login" />
        </div>
 
+       {{ inc field_checkbox.tpl with $field=$lremember }}{{ endinc }}
+
        <br /><br />
        <div class="login-extra-links">
                {{ if $register }}<a href="register" title="$register.title" id="register-link">$register.desc</a>{{ endif }}

diff --git a/view/theme/frost/login-style.css b/view/theme/frost/login-style.css
index 79c3aede0b9ddde41dfe6853fa108b1906885ddb..25d8ec5a01dfcd04b2d047a22ae55d8be79deee5 100644 (file)
--- a/view/theme/frost/login-style.css
+++ b/view/theme/frost/login-style.css
@@ -87,6 +87,10 @@ div.section-wrapper {
        margin-left: 140px;
 }
 
+#div_id_remember {
+       margin-top: 10px;
+}
+
 /*.openid input {*/
 #id_openid_url, .openid input {
        background: url(login-bg.gif) no-repeat;

diff --git a/view/theme/frost/login.tpl b/view/theme/frost/login.tpl
index 2e2a3ed1ac6bda83728d6380784da1622ba6b671..bc99e6d95f6396c7158f69c1c36a104fc93e1d7b 100644 (file)
--- a/view/theme/frost/login.tpl
+++ b/view/theme/frost/login.tpl
@@ -25,7 +25,9 @@
                <input type="submit" name="submit" id="login-submit-button" value="$login" />
        </div>
 
-       <br /><br /><br /><br />
+       {{ inc field_checkbox.tpl with $field=$lremember }}{{ endinc }}
+
+       <br /><br /><br />
        <div class="login-extra-links">
                {{ if $register }}<a href="register" title="$register.title" id="register-link">$register.desc</a>{{ endif }}
         <a href="lostpass" title="$lostpass" id="lost-password-link" >$lostlink</a>