From cbaf196f509cc5b21f04574cbf80ddd3ecf9f8db Mon Sep 17 00:00:00 2001
From: Sandro Santilli <strk@kbt.io>
Date: Mon, 13 Mar 2017 11:57:10 +0100
Subject: [PATCH] Only remove the "remember me" cookie at submitting the auth
 form

Fixes loss of remember (Friendica) cookie on switching Managed accounts
---
 include/auth.php     | 4 ++++
 include/security.php | 3 ---
 2 files changed, 4 insertions(+), 3 deletions(-)

diff --git a/include/auth.php b/include/auth.php
index 62ca3563a4..8512abe486 100644
--- a/include/auth.php
+++ b/include/auth.php
@@ -179,6 +179,10 @@ if (isset($_SESSION) && x($_SESSION,'authenticated') && (!x($_POST,'auth-params'
 			goaway(z_root());
 		}
 
+		if ( ! $_POST['remember']) {
+			new_cookie(0); // 0 means delete on browser exit
+		}
+
 		// if we haven't failed up this point, log them in.
 		$_SESSION['remember'] = $_POST['remember'];
 		$_SESSION['last_login_date'] = datetime_convert('UTC','UTC');
diff --git a/include/security.php b/include/security.php
index 93df6ff255..23fc400b3a 100644
--- a/include/security.php
+++ b/include/security.php
@@ -141,9 +141,6 @@ function authenticate_success($user_record, $login_initial = false, $interactive
 			new_cookie(604800, $user_record);
 			unset($_SESSION['remember']);
 		}
-		else {
-			new_cookie(0); // 0 means delete on browser exit
-		}
 	}
 
 
-- 
2.39.5