X-Git-Url: http://git.dj3c1t.com/index.cgi?a=blobdiff_plain;f=mw%2Fapp%2Fdata%2Fmodules%2Fsql%2Fmw_data_users.php;h=32bc0c558e7cdd8c1028a5441354fb6d44240050;hb=5dfe5e84a7007ddd9737707ce15f0155e6415066;hp=a1d76bd49331bc1efc664c03737cb112e171ca82;hpb=568c721d53fb84b5e9b3facb2addccaf6deb35f9;p=mtweb diff --git a/mw/app/data/modules/sql/mw_data_users.php b/mw/app/data/modules/sql/mw_data_users.php index a1d76bd..32bc0c5 100644 --- a/mw/app/data/modules/sql/mw_data_users.php +++ b/mw/app/data/modules/sql/mw_data_users.php @@ -450,19 +450,23 @@ function load_session(){ @session_start(); if(!isset($_SESSION["id"])) $this->clear_session(); - if( - $user = ( - isset($_COOKIE["user"]) || isset($_SESSION["user"]) ? - $this->user(isset($_COOKIE["user"]) ? $_COOKIE["user"] : $_SESSION["user"]) - : array() - ) - ){ - if(isset($_COOKIE["user"])) $this->set_session($user); + $user = array(); + if(isset($_SESSION["user"])){ + $user = $this->user($_SESSION["user"]); + } + elseif(isset($_COOKIE["user"]) && isset($_COOKIE["pass"])){ + if($user = $this->user($_COOKIE["user"])){ + $user["password"] = $_COOKIE["pass"]; + $this->set_session($user); + } + } + if($user){ if(!$this->user_ok($user)){ $this->clear_session(); $user = array(); } } + else $user = array(); $this->user = $user; return $user; } @@ -471,7 +475,9 @@ $_SESSION["user"] = $user["login"]; $_SESSION["pass"] = md5($user["password"].$_SESSION["id"]); $env = $this->env(); - return setcookie("user", $user["login"], time() + (60 * 60 * 24 * 7), $env->path("web")); + return + setcookie("user", $user["login"], time() + (60 * 60 * 24 * 7), $env->path("web")) + && setcookie("pass", $user["password"], time() + (60 * 60 * 24 * 7), $env->path("web")); } function clear_session(){ @@ -480,7 +486,9 @@ $_SESSION["ip"] = $_SERVER["REMOTE_ADDR"]; $_SESSION["id"] = md5(rand()); $env = $this->env(); - return setcookie("user", "", 0, $env->path("web")); + return + setcookie("user", "", 0, $env->path("web")) + && setcookie("pass", "", 0, $env->path("web")); } function get_session_user(){