cookies rewritten to session
[mailer.git] / inc / modules / admin / what-admins_edit.php
index 49d9b2108aa916be35c486387192db7b0aa9d10f..80c4301711d7d339af2d98c019523b4b37b6b22f 100644 (file)
@@ -107,30 +107,30 @@ if ((isset($_POST['edit'])) && (SELECTION_COUNT($_POST['sel']) > 0))
                        if (!empty($_POST['pass1'][$id])) $ADD = ", password='".$hash."'";
 
                        // Get admin's ID
-                       $salt = substr(GET_ADMIN_HASH($_COOKIE['admin_login']), 0, -40);
-                       $aid = GET_ADMIN_ID($_COOKIE['admin_login']);
+                       $salt = substr(GET_ADMIN_HASH($_SESSION['admin_login']), 0, -40);
+                       $aid = GET_ADMIN_ID($_SESSION['admin_login']);
 
                        // Rewrite cookie when it's own account
                        if ($aid == $id)
                        {
                                // Timeout
-                               $TIMEOUT = time() + bigintval($_COOKIE['admin_to']);
+                               $TIMEOUT = time() + bigintval($_SESSION['admin_to']);
 
                                // Set timeout cookie
-                               @setcookie("admin_last", time(), $TIMEOUT, COOKIE_PATH);
+                               set_session("admin_last", time(), $TIMEOUT, COOKIE_PATH);
 
-                               if ($login != $_COOKIE['admin_login'])
+                               if ($login != $_SESSION['admin_login'])
                                {
                                        // Update login cookie
-                                       @setcookie("admin_login", $login, $TIMEOUT, COOKIE_PATH);
+                                       set_session("admin_login", $login, $TIMEOUT, COOKIE_PATH);
 
                                        // Update password cookie as well?
-                                       if (!empty($ADD)) @setcookie("admin_md5", $hash, $TIMEOUT, COOKIE_PATH);
+                                       if (!empty($ADD)) set_session("admin_md5", $hash, $TIMEOUT, COOKIE_PATH);
                                }
-                                elseif (generateHash($_POST['pass1'][$id], $salt) != $_COOKIE['admin_md5'])
+                                elseif (generateHash($_POST['pass1'][$id], $salt) != $_SESSION['admin_md5'])
                                {
                                        // Update password cookie
-                                       @setcookie("admin_md5", $hash, $TIMEOUT, COOKIE_PATH);
+                                       set_session("admin_md5", $hash, $TIMEOUT, COOKIE_PATH);
                                }
 
                        }
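Review bot: The `elseif` that decides whether to refresh `admin_md5` compares two hash strings with loose `!=`, so if `generateHash()` can ever return values PHP treats as numeric strings, two different hashes may compare as equal and the session would keep the old hash after a password change. Compare strictly instead, e.g. `elseif (!hash_equals((string) $_SESSION['admin_md5'], generateHash($_POST['pass1'][$id], $salt)))`, or use `!==` where `hash_equals()` is not available; the same applies to `$login != $_SESSION['admin_login']` above it. Because this branch runs when an admin changes their own login or password, it is also a natural place to call `session_regenerate_id(true)`, so that a session ID issued under the old credentials does not stay valid. The comments still say "cookie" and `set_session()` is still passed `$TIMEOUT` and `COOKIE_PATH`; whether the helper honours them is not visible here, and the enclosing `if (isset($_POST['edit']) ...)` block begins outside the hunk.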
@@ -225,7 +225,7 @@ WHERE id=%d LIMIT 1",
                foreach ($_POST['sel'] as $id=>$del)
                {
                        // Delete only when it's not your own account!
-                       if (($del == 1) && (GET_ADMIN_ID($_COOKIE['admin_login']) != $id))
+                       if (($del == 1) && (GET_ADMIN_ID($_SESSION['admin_login']) != $id))
                        {
                                // Rewrite his tasks to all admins
                                $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_task_system SET assigned_admin='0' WHERE assigned_admin='%s'",
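Review bot: The self-delete guard calls `GET_ADMIN_ID($_SESSION['admin_login'])` on every iteration and compares it loosely with `$id`, which is a key of the request-supplied `$_POST['sel']` array. Resolve the current admin once before the loop and compare normalised values, for example `$ownId = bigintval(GET_ADMIN_ID($_SESSION['admin_login']));` ahead of the `foreach` and `if (($del == 1) && ($ownId !== bigintval($id)))` inside it, assuming `bigintval()` reduces both sides to the same digit-only form, so the check does not depend on PHP's string-to-number juggling. The loop body continues past the end of the hunk, so how `$id` reaches the later queries is not visible here.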