Changeset 633

Timestamp:

Jan 5, 2014, 11:32:57 PM (11 years ago)

Author:

chronos

Message:

• Opraveno: Trvalé přihlášení nefungovalo po zavření prohlížeče a změně php session id. Nutno řešit pomocí cookies.

Location:

trunk

Files:

• Application/Version.php (modified) (1 diff)
• Common/Setup/Updates.php (modified) (2 diffs)
• Modules/User/User.php (modified) (2 diffs)

trunk/Application/Version.php

@@ -1 +1 @@
 <?php
 
-$Revision = 632; // Subversion revision
-$DatabaseRevision = 632; // SQL structure revision
-$ReleaseTime = mktime(0, 0, 0, 2, 2, 2014);
+$Revision = 633; // Subversion revision
+$DatabaseRevision = 633; // SQL structure revision
+$ReleaseTime = 0;//mktime(0, 0, 0, 2, 5, 2014);

trunk/Common/Setup/Updates.php

@@ -557 +557 @@
 }
 
+function UpdateTo633($Manager)
+{
+        $Manager->Execute('ALTER TABLE `UserOnline` ADD `StayLoggedHash` VARCHAR( 40 ) NOT NULL ;');
+}
+
 class Updates
 {
@@ -592 +597 @@
       620 => array('Revision' => 627, 'Function' => 'UpdateTo627'),
       627 => array('Revision' => 632, 'Function' => 'UpdateTo632'),
+      632 => array('Revision' => 633, 'Function' => 'UpdateTo633'),
     ));
   }

trunk/Modules/User/User.php

@@ -81 +81 @@
       'ScriptName' => $_SERVER['PHP_SELF']));
 
+    // Logged permanently?
+    if(array_key_exists('LoginHash', $_COOKIE))
+    {
+      $DbResult = $this->Database->query('SELECT * FROM `UserOnline` WHERE `User`='.$_COOKIE['LoginUserId'].
+        ' AND `StayLogged`=1 AND SessionId!="'.$SID.'"');
+      if($DbResult->num_rows > 0)
+      {
+        $DbRow = $DbResult->fetch_assoc();
+        if(sha1($_COOKIE['LoginUserId'].$DbRow['StayLoggedHash']) == $_COOKIE['LoginHash'])
+        {               
+          $this->Database->query('DELETE FROM `UserOnline` WHERE `SessionId`="'.$SID.'"');
+          $this->Database->query('UPDATE `UserOnline` SET `SessionId`="'.$SID.'" WHERE `Id`='.$DbRow['Id']);
+        }
+      }
+    }
+    
     // Check login
     $Query = $this->Database->select('UserOnline', '*', '`SessionId`="'.$SID.'"');
@@ -195 +211 @@
       else 
       {
-        $this->Database->update('User', 'Id='.$Row['Id'], array('LastLoginTime' => 'NOW()', 'LastIpAddress' => GetRemoteAddress()));            
-        $this->Database->update('UserOnline', 'SessionId="'.$SID.'"', array('User' => $Row['Id'], 'StayLogged' => $StayLogged));
+        $this->Database->update('User', 'Id='.$Row['Id'], array('LastLoginTime' => 'NOW()', 
+          'LastIpAddress' => GetRemoteAddress()));
+        $Hash = new PasswordHash();     
+        $StayLoggedSalt = $Hash->GetSalt();
+        $this->Database->update('UserOnline', 'SessionId="'.$SID.'"', array(
+          'User' => $Row['Id'], 'StayLogged' => $StayLogged, 'StayLoggedHash' => $StayLoggedSalt));
+        if($StayLogged) 
+        {
+          setcookie('LoginUserId', $Row['Id'], time()+365*24*60*60);
+          setcookie('LoginHash', sha1($Row['Id'].$StayLoggedSalt), time()+365*24*60*60);
+        } else {
+          setcookie('LoginUserId', '', time() - 3600);
+          setcookie('LoginHash', '', time() - 3600);
+        }
         
         $Result = USER_LOGGED_IN;