fix cookies and at same time add better secure for cookies

This commit is contained in:
unknown 2019-09-16 20:28:20 +02:00
parent ad7c192a90
commit e78b2b28a9

View File

@ -26,7 +26,7 @@ class UserManager
if ($user = Db::loadOne ('SELECT * FROM users WHERE LOWER(username)=LOWER(?)', array ($username))) {
if ($user['password'] == UserManager::getHashPassword($password)) {
if (isset($rememberMe) && $rememberMe == 'true') {
setcookie ("rememberMe", $this->setEncryptedCookie($user['username']), time () + (30 * 24 * 60 * 60 * 1000), "/");
setcookie ("rememberMe", $this->setEncryptedCookie($user['username']), time () + (30 * 24 * 60 * 60 * 1000), "/", $_SERVER['HTTP_HOST'], 1);
}
$_SESSION['user']['id'] = $user['user_id'];
$page = "./index.php";
@ -62,7 +62,7 @@ class UserManager
}
public function logout () {
setcookie ("rememberMe","", time() - (30 * 24 * 60 * 60 * 1000), "/");
setcookie ("rememberMe","", time() - (30 * 24 * 60 * 60 * 1000), "/", $_SERVER['HTTP_HOST'], 1);
unset($_SESSION['user']);
session_destroy();
}