diff options
| author | ben <ben@36083f99-b078-4883-b0ff-0f9b5a30f544> | 2008-05-28 10:28:00 +0000 |
|---|---|---|
| committer | ben <ben@36083f99-b078-4883-b0ff-0f9b5a30f544> | 2008-05-28 10:28:00 +0000 |
| commit | dfc57f305c8c0de9933d6501668617fc1a195b82 (patch) | |
| tree | 1d3a4b1950d726cb1d299d4ad8c07a3c26d183c7 /engine/lib/sessions.php | |
| parent | e7dab1a754c85b8f1e7beeac49496ed9e7435b45 (diff) | |
| download | elgg-dfc57f305c8c0de9933d6501668617fc1a195b82.tar.gz elgg-dfc57f305c8c0de9933d6501668617fc1a195b82.tar.bz2 | |
Solidifying the login() function so that the session data is always consistent.
git-svn-id: https://code.elgg.org/elgg/trunk@729 36083f99-b078-4883-b0ff-0f9b5a30f544
Diffstat (limited to 'engine/lib/sessions.php')
| -rw-r--r-- | engine/lib/sessions.php | 18 |
1 files changed, 12 insertions, 6 deletions
diff --git a/engine/lib/sessions.php b/engine/lib/sessions.php index ee6bb5c38..790f11b1a 100644 --- a/engine/lib/sessions.php +++ b/engine/lib/sessions.php @@ -42,7 +42,6 @@ if ($user = get_user_by_username($username)) {
if ($user->password == $dbpassword) {
- // return login($user,$persisten);
return $user;
}
}
@@ -63,8 +62,6 @@ function login(ElggUser $user, $persistent = false) {
global $CONFIG;
-
- if (!trigger_event('login','user',$user)) return false;
$_SESSION['user'] = $user;
$_SESSION['guid'] = $user->getGUID();
@@ -75,10 +72,19 @@ $code = (md5($user->name . $user->username . time() . rand()));
$user->code = md5($code);
- if (!$user->save())
- return false;
-
+
$_SESSION['code'] = $code;
+
+ if (!$user->save() || !trigger_event('login','user',$user)) {
+ unset($_SESSION['username']);
+ unset($_SESSION['name']);
+ unset($_SESSION['code']);
+ unset($_SESSION['guid']);
+ unset($_SESSION['id']);
+ unset($_SESSION['user']);
+ return false;
+ }
+
if (($persistent))
setcookie("elggperm", $code, (time()+(86400 * 30)),"/");
|