

v2.5.7
 - fixed login remember
 - removed `use_cookies`-config_var (unused since reCAPTCHA doesn't use cookie/session)
 - changed `logout()`
 - changed `is_loggedin()` removed wrong session checks
REJack committed Jun 17, 2016
1 parent b9c8fe7 commit 34d8a89
Showing 2 changed files with 45 additions and 92 deletions.
4 changes: 0 additions & 4 deletions application/config/aauth.php
@@ -59,8 +59,6 @@
|
| ['login_with_name'] Login Identificator, if TRUE username needed to login else email address.
|
| ['use_cookies'] FALSE only on CI3
|
| ['email'] Sender email address, used for remind_password, send_verification and reset_password
| ['name'] Sender name, used for remind_password, send_verification and reset_password
| ['email_config'] Array of Config for CI's Email Library
@@ -132,8 +130,6 @@

'login_with_name' => false,

'use_cookies' => true,

'email' => 'admin@admin.com',
'name' => 'Emre Akay',
'email_config' => false,
133 changes: 45 additions & 88 deletions application/libraries/Aauth.php
@@ -13,7 +13,7 @@
*
* @copyright 2014-2016 Emre Akay
*
* @version 2.5.6
* @version 2.5.7
*
* @license LGPL
* @license http://opensource.org/licenses/LGPL-3.0 Lesser GNU Public License
@@ -131,16 +131,14 @@ public function __construct() {
*/
public function login($identifier, $pass, $remember = FALSE, $totp_code = NULL) {

if($this->config_vars['use_cookies'] == TRUE){
// Remove cookies first
$cookie = array(
'name' => 'user',
'value' => '',
'expire' => -3600,
'path' => '/',
);
$this->CI->input->set_cookie($cookie);
}
// Remove cookies first
$cookie = array(
'name' => 'user',
'value' => '',
'expire' => -3600,
'path' => '/',
);
$this->CI->input->set_cookie($cookie);
if ($this->config_vars['ddos_protection'] && ! $this->update_login_attempts()) {

$this->error($this->CI->lang->line('aauth_error_login_attempts_exceeded'));
@@ -271,26 +269,19 @@ public function login($identifier, $pass, $remember = FALSE, $totp_code = NULL)

$this->CI->session->set_userdata($data);

// if remember selected
if ( $remember ){
$expire = $this->config_vars['remember'];
$today = date("Y-m-d");
$remember_date = date("Y-m-d", strtotime($today . $expire) );
$random_string = random_string('alnum', 16);
$this->update_remember($row->id, $random_string, $remember_date );

if($this->config_vars['use_cookies'] == TRUE){
$cookie = array(
'name' => 'user',
'value' => $row->id . "-" . $random_string,
'expire' => 99*999*999,
'path' => '/',
);

$this->CI->input->set_cookie($cookie);
}else{
$this->CI->session->set_userdata('remember', $row->id . "-" . $random_string);
}
$cookie = array(
'name' => 'user',
'value' => $row->id . "-" . $random_string,
'expire' => 99*999*999,
'path' => '/',
);
$this->CI->input->set_cookie($cookie);
}

// update last login
@@ -322,65 +313,33 @@ public function is_loggedin() {
if ( $this->CI->session->userdata('loggedin') ){
return TRUE;
} else {
if($this->config_vars['use_cookies'] == TRUE){
if( ! $this->CI->input->cookie('user', TRUE) ){
return FALSE;
} else {
$cookie = explode('-', $this->CI->input->cookie('user', TRUE));
if(!is_numeric( $cookie[0] ) OR strlen($cookie[1]) < 13 ){return FALSE;}
else{
$query = $this->aauth_db->where('id', $cookie[0]);
$query = $this->aauth_db->where('remember_exp', $cookie[1]);
$query = $this->aauth_db->get($this->config_vars['users']);

$row = $query->row();

if ($query->num_rows() < 1) {
$this->update_remember($cookie[0]);
return FALSE;
}else{

if(strtotime($row->remember_time) > strtotime("now") ){
$this->login_fast($cookie[0]);
return TRUE;
}
// if time is expired
else {
return FALSE;
}
if( ! $this->CI->input->cookie('user', TRUE) ){
return FALSE;
} else {
$cookie = explode('-', $this->CI->input->cookie('user', TRUE));
if(!is_numeric( $cookie[0] ) OR strlen($cookie[1]) < 13 ){return FALSE;}
else{
$query = $this->aauth_db->where('id', $cookie[0]);
$query = $this->aauth_db->where('remember_exp', $cookie[1]);
$query = $this->aauth_db->get($this->config_vars['users']);

$row = $query->row();

if ($query->num_rows() < 1) {
$this->update_remember($cookie[0]);
return FALSE;
}else{

if(strtotime($row->remember_time) > strtotime("now") ){
$this->login_fast($cookie[0]);
return TRUE;
}
}
}
}else{
if(!isset($_SESSION['remember'])){
return FALSE;
}else{
$session = explode('-', $this->CI->session->userdata('remember'));
if(!is_numeric( $session[0] ) OR strlen($session[1]) < 13 ){return FALSE;}
else{
$query = $this->aauth_db->where('id', $session[0]);
$query = $this->aauth_db->where('remember_exp', $session[1]);
$query = $this->aauth_db->get($this->config_vars['users']);

$row = $query->row();

if ($query->num_rows() < 1) {
$this->update_remember($session[0]);
// if time is expired
else {
return FALSE;
}else{

if(strtotime($row->remember_time) > strtotime("now") ){
$this->login_fast($session[0]);
return TRUE;
}
// if time is expired
else {
return FALSE;
}
}
}
}

}
}
return FALSE;
@@ -436,15 +395,13 @@ public function control( $perm_par = FALSE ){
*/
public function logout() {

if($this->config_vars['use_cookies'] == TRUE){
$cookie = array(
'name' => 'user',
'value' => '',
'expire' => -3600,
'path' => '/',
);
$this->CI->input->set_cookie($cookie);
}
$cookie = array(
'name' => 'user',
'value' => '',
'expire' => -3600,
'path' => '/',
);
$this->CI->input->set_cookie($cookie);

return $this->CI->session->sess_destroy();
}
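Review bot: `logout()` in the last hunk expires the `user` cookie and destroys the session, but nothing in its visible body clears the remember token stored for the account, so a copy of the cookie obtained before logout would still pass the `remember_exp` lookup in `is_loggedin()` until `remember_time` runs out. Now that the cookie path is unconditional, logout should reset the stored token before `sess_destroy()`, e.g. `$this->update_remember($user_id);`, where `$user_id` stands for the id held in the session (the session key is not visible in these hunks). In `is_loggedin()`, whose body starts above its hunk, `$cookie[1]` is read without checking that `explode()` returned two parts and `is_numeric()` accepts values such as `1e3`; a stricter guard is `if (count($cookie) !== 2 OR ! ctype_digit($cookie[0]) OR strlen($cookie[1]) < 13) { return FALSE; }`. The failed-lookup branch there calls `update_remember($cookie[0])` with an id read straight from the cookie, which presumably resets the stored token of whichever account the request names, so that call is better dropped. The cookie array sets neither `httponly` nor `secure`, so those attributes depend entirely on the global cookie configuration; setting `'httponly' => TRUE` explicitly would make the intent visible here.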
