fix cookies

This commit is contained in:
unknown 2019-09-18 20:37:20 +02:00
parent 215ffd7fc6
commit 3314969ebb

View File

@ -26,7 +26,7 @@ class UserManager
if ($user = Db::loadOne ('SELECT * FROM users WHERE LOWER(username)=LOWER(?)', array ($username))) { if ($user = Db::loadOne ('SELECT * FROM users WHERE LOWER(username)=LOWER(?)', array ($username))) {
if ($user['password'] == UserManager::getHashPassword($password)) { if ($user['password'] == UserManager::getHashPassword($password)) {
if (isset($rememberMe) && $rememberMe == 'true') { if (isset($rememberMe) && $rememberMe == 'true') {
setcookie ("rememberMe", $this->setEncryptedCookie($user['username']), time () + (30 * 24 * 60 * 60 * 1000), "/", $_SERVER['HTTP_HOST'], 1); setcookie ("rememberMe" . str_replace(".", "_", $_SERVER['HTTP_HOST']), $this->setEncryptedCookie($user['username']), time () + (30 * 24 * 60 * 60 * 1000), "/", $_SERVER['HTTP_HOST'], 1);
} }
$_SESSION['user']['id'] = $user['user_id']; $_SESSION['user']['id'] = $user['user_id'];
$page = "./index.php"; $page = "./index.php";
@ -51,8 +51,8 @@ class UserManager
if (isset ($_SESSION['user']) && isset($_SESSION['user']['id'])) { if (isset ($_SESSION['user']) && isset($_SESSION['user']['id'])) {
return true; return true;
} else { } else {
if (isset ($_COOKIE['rememberMe'])){ if (isset ($_COOKIE['rememberMe' . str_replace(".", "_", $_SERVER['HTTP_HOST'])])){
if ($user = Db::loadOne ('SELECT * FROM users WHERE LOWER(username)=LOWER(?)', array ($this->getDecryptedCookie($_COOKIE['rememberMe'])))) { if ($user = Db::loadOne ('SELECT * FROM users WHERE LOWER(username)=LOWER(?)', array ($this->getDecryptedCookie($_COOKIE['rememberMe' . str_replace(".", "_", $_SERVER['HTTP_HOST'])])))) {
$_SESSION['user']['id'] = $user['user_id']; $_SESSION['user']['id'] = $user['user_id'];
return true; return true;
} }
@ -62,7 +62,7 @@ class UserManager
} }
public function logout () { public function logout () {
setcookie ("rememberMe","", time() - (30 * 24 * 60 * 60 * 1000), "/", $_SERVER['HTTP_HOST'], 1); setcookie ("rememberMe" . str_replace(".", "_", $_SERVER['HTTP_HOST']),"", time() - (30 * 24 * 60 * 60 * 1000), "/", $_SERVER['HTTP_HOST'], 1);
unset($_SESSION['user']); unset($_SESSION['user']);
session_destroy(); session_destroy();
} }