Fix remember me function on login
parent
1a1ac17ecf
commit
b036b4d36e
|
@ -25,7 +25,8 @@
|
||||||
$_SESSION['loggedOut'] = false;
|
$_SESSION['loggedOut'] = false;
|
||||||
$rememberMe = isset($_POST['rememberMe']) ? $_POST['rememberMe'] : 'off';
|
$rememberMe = isset($_POST['rememberMe']) ? $_POST['rememberMe'] : 'off';
|
||||||
$this->LoginModel->login($_POST['loginname'], $_POST['loginPassword'], $rememberMe);
|
$this->LoginModel->login($_POST['loginname'], $_POST['loginPassword'], $rememberMe);
|
||||||
isset($_GET['r']) && !empty($_GET['r']) ? redirect(base64_decode($_GET['r'])) : redirect(base_url('login'));
|
|
||||||
|
isset($_GET['r']) && !empty($_GET['r']) ? redirect(base64_decode(urldecode($_GET['r']))) : redirect(base_url('login'));
|
||||||
}
|
}
|
||||||
|
|
||||||
$notice = isset($_SESSION['notice']) ? $_SESSION['notice'] : '';
|
$notice = isset($_SESSION['notice']) ? $_SESSION['notice'] : '';
|
||||||
|
@ -141,13 +142,11 @@
|
||||||
|
|
||||||
public function logout()
|
public function logout()
|
||||||
{
|
{
|
||||||
unset($_SESSION['user']);
|
$this->LoginModel->logout();
|
||||||
$this->load->helper('cookie');
|
|
||||||
// delete_cookie('rememberMe');
|
$notice = '<div class="alert alert-warning alert-dismissible"><button type="button" class="close" data-dismiss="alert" aria-label="Schließen"><span aria-hidden="true">×</span></button><strong>Abgemeldet!</strong> Du wurdest erfolgreich abgemeldet! Ich hoffe, wir sehen uns bald wieder.</div>';
|
||||||
// delete_cookie('token');
|
|
||||||
$notice = '<div class="alert alert-warning alert-dismissible"><button type="button" class="close" data-dismiss="alert" aria-label="Schließen"><span aria-hidden="true">×</span></button><strong>Abgemeldet!</strong> Du wurdest erfolgreich abgemeldet! Ich hoffe wir sehen uns bald wieder.</div>';
|
|
||||||
$_SESSION['notice'] = $notice;
|
$_SESSION['notice'] = $notice;
|
||||||
$_SESSION['loggedOut'] = true;
|
|
||||||
$redirect = isset($_GET['redirect']) ? urldecode(base64_decode($_GET['redirect'])) : base_url("login");
|
$redirect = isset($_GET['redirect']) ? urldecode(base64_decode($_GET['redirect'])) : base_url("login");
|
||||||
redirect($redirect);
|
redirect($redirect);
|
||||||
}
|
}
|
||||||
|
|
|
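Review bot: The post-login redirect on the new line `redirect(base64_decode(urldecode($_GET['r'])))` sends the browser to whatever URL the `r` parameter decodes to, so a login link can hand the user to another site right after they authenticate; logout() does the same with `$_GET['redirect']`. Accept the decoded value only when it points back into this application, for example `$target = base64_decode($_GET['r'], true);` followed by `redirect(is_string($target) && strpos($target, base_url()) === 0 ? $target : base_url('login'));` (this assumes base_url() ends with a slash; confirm against the config). PHP has already URL-decoded `$_GET`, so the added urldecode() may turn a literal `+` in the base64 text into a space; check that it is really needed. The enclosing login function starts outside the hunk.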
@ -37,6 +37,17 @@
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public function logout() {
|
||||||
|
delete_cookie('rememberMe');
|
||||||
|
delete_cookie('rememberToken');
|
||||||
|
|
||||||
|
$userID = $_SESSION['user']['ID'];
|
||||||
|
$this->db->query('UPDATE users SET isCurrentlyOnline = false, rememberToken = null WHERE ID = ?', [$userID]);
|
||||||
|
|
||||||
|
unset($_SESSION['user']);
|
||||||
|
$_SESSION['loggedOut'] = true;
|
||||||
|
}
|
||||||
|
|
||||||
public function getLoginData($username)
|
public function getLoginData($username)
|
||||||
{
|
{
|
||||||
$this->db->cache_off();
|
$this->db->cache_off();
|
||||||
|
@ -53,6 +64,12 @@
|
||||||
return $passwordHash;
|
return $passwordHash;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
private function generateRandomUserHash($username) {
|
||||||
|
$base = uniqid();
|
||||||
|
$seed = $username . date(time());
|
||||||
|
return md5($base . $seed);
|
||||||
|
}
|
||||||
|
|
||||||
public function startLoginSession($logindata, $rememberMe)
|
public function startLoginSession($logindata, $rememberMe)
|
||||||
{
|
{
|
||||||
$this->reloadLoginSession($logindata);
|
$this->reloadLoginSession($logindata);
|
||||||
|
@ -61,20 +78,14 @@
|
||||||
|
|
||||||
if ($rememberMe == 'on') {
|
if ($rememberMe == 'on') {
|
||||||
$expire = 3600 * 24 * 60;
|
$expire = 3600 * 24 * 60;
|
||||||
$userHash = $this->LoginModel->getUserHash($logindata['username'], $logindata['password'], $logindata['email'], $logindata['ID']);
|
$userHash = base64_encode($logindata['username']);
|
||||||
// $this->input->set_cookie('rememberMe', base64_encode($logindata['username']), $expire, base_url(), '/');
|
$loginHash = $this->generateRandomUserHash($userHash);
|
||||||
// $this->input->set_cookie('token', $userHash, $expire, base_url(), '/');
|
$this->db->query('UPDATE users SET rememberToken = ? WHERE ID = ?', [$loginHash, $logindata['ID']]);
|
||||||
|
|
||||||
var_dump(get_cookie('rememberMe'));
|
$domain = explode('/', base_url())[2];
|
||||||
|
|
||||||
echo 'fresh';
|
$this->input->set_cookie('rememberMe', $userHash, $expire, $domain, '/');
|
||||||
var_dump($_COOKIE);
|
$this->input->set_cookie('rememberToken', $loginHash, $expire, $domain, '/');
|
||||||
$_COOKIE['rememberMe'] = base64_encode($logindata['username']);
|
|
||||||
$_COOKIE['token'] = $userHash;
|
|
||||||
echo 'tech';
|
|
||||||
// var_dump(get_cookie('rememberMe'));
|
|
||||||
// var_dump(get_cookie('token'));
|
|
||||||
var_dump($_COOKIE);
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -143,28 +154,20 @@
|
||||||
if (isset($_SESSION['loggedOut']) && $_SESSION['loggedOut']) {
|
if (isset($_SESSION['loggedOut']) && $_SESSION['loggedOut']) {
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
var_dump('test');
|
if (!isset($_SESSION['user']) && isset($_COOKIE['rememberMe']) && isset($_COOKIE['rememberToken'])) {
|
||||||
if (!isset($_SESSION['user']) && isset($_COOKIE['rememberMe']) && isset($_COOKIE['token'])) {
|
|
||||||
var_dump($_COOKIE);
|
|
||||||
$logindata = $this->getLoginData(base64_decode($_COOKIE['rememberMe']));
|
$logindata = $this->getLoginData(base64_decode($_COOKIE['rememberMe']));
|
||||||
if (!empty($logindata)) {
|
if (!empty($logindata)) {
|
||||||
$logindata = $logindata[0];
|
$logindata = $logindata[0];
|
||||||
$token = $this->getUserHash($logindata['username'], $logindata['password'], $logindata['email'], $logindata['ID']);
|
$result = $this->db->query('SELECT rememberToken FROM users WHERE ID = ?', [$logindata['ID']])->result_array();
|
||||||
|
$token = $result[0]['rememberToken'];
|
||||||
|
|
||||||
if ($_COOKIE['token'] == $token) {
|
if ($token !== null && sizeof($token) == 32 && $_COOKIE['rememberToken'] == $token) {
|
||||||
echo '<br> TEST! <br>';
|
|
||||||
$this->startLoginSession($logindata, 'on');
|
$this->startLoginSession($logindata, 'on');
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
public function getUserHash($username, $password, $email, $id)
|
|
||||||
{
|
|
||||||
$hash = hash('sha256', $id . '//' . $username . '//' . substr($password, 0, 5) . '//' . substr($email, 0, 5));
|
|
||||||
return $hash;
|
|
||||||
}
|
|
||||||
|
|
||||||
public function hashMailExists($emailHash, $activation_key)
|
public function hashMailExists($emailHash, $activation_key)
|
||||||
{
|
{
|
||||||
$results = $this->db->query('SELECT ID FROM users WHERE MD5(email) = ? AND is_activated = 0 AND activation_key = ?', [$emailHash, $activation_key])->result_array();
|
$results = $this->db->query('SELECT ID FROM users WHERE MD5(email) = ? AND is_activated = 0 AND activation_key = ?', [$emailHash, $activation_key])->result_array();
|
||||||
|
|
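Review bot: The remember-me token built in generateRandomUserHash() is an md5 over uniqid(), the base64 username and the current time, all of which can be estimated, so the value stored in `rememberToken` is weaker than a login credential should be; `return bin2hex(random_bytes(16));` keeps the 32-character length and is unpredictable. In the auto-login hunk (@ -143,28 +154,20) `sizeof($token) == 32` calls count() on a string, which never yields the string length (and raises a TypeError on PHP 8), so the branch cannot be reached as written. The loose `==` there also treats two numeric-looking strings such as `0e…` hashes as equal; use `if (is_string($token) && strlen($token) === 32 && is_string($_COOKIE['rememberToken']) && hash_equals($token, $_COOKIE['rememberToken'])) {`. The function holding that check starts outside the hunk.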