Fix remember me function on login
parent
1a1ac17ecf
commit
b036b4d36e
|
@ -25,7 +25,8 @@
|
|||
$_SESSION['loggedOut'] = false;
|
||||
$rememberMe = isset($_POST['rememberMe']) ? $_POST['rememberMe'] : 'off';
|
||||
$this->LoginModel->login($_POST['loginname'], $_POST['loginPassword'], $rememberMe);
|
||||
isset($_GET['r']) && !empty($_GET['r']) ? redirect(base64_decode($_GET['r'])) : redirect(base_url('login'));
|
||||
|
||||
isset($_GET['r']) && !empty($_GET['r']) ? redirect(base64_decode(urldecode($_GET['r']))) : redirect(base_url('login'));
|
||||
}
|
||||
|
||||
$notice = isset($_SESSION['notice']) ? $_SESSION['notice'] : '';
|
||||
|
@ -141,13 +142,11 @@
|
|||
|
||||
public function logout()
|
||||
{
|
||||
unset($_SESSION['user']);
|
||||
$this->load->helper('cookie');
|
||||
// delete_cookie('rememberMe');
|
||||
// delete_cookie('token');
|
||||
$notice = '<div class="alert alert-warning alert-dismissible"><button type="button" class="close" data-dismiss="alert" aria-label="Schließen"><span aria-hidden="true">×</span></button><strong>Abgemeldet!</strong> Du wurdest erfolgreich abgemeldet! Ich hoffe wir sehen uns bald wieder.</div>';
|
||||
$this->LoginModel->logout();
|
||||
|
||||
$notice = '<div class="alert alert-warning alert-dismissible"><button type="button" class="close" data-dismiss="alert" aria-label="Schließen"><span aria-hidden="true">×</span></button><strong>Abgemeldet!</strong> Du wurdest erfolgreich abgemeldet! Ich hoffe, wir sehen uns bald wieder.</div>';
|
||||
$_SESSION['notice'] = $notice;
|
||||
$_SESSION['loggedOut'] = true;
|
||||
|
||||
$redirect = isset($_GET['redirect']) ? urldecode(base64_decode($_GET['redirect'])) : base_url("login");
|
||||
redirect($redirect);
|
||||
}
|
||||
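Review bot: The redirect target in the login branch is read from `$_GET['r']` and passed to `redirect()` after decoding, with no check that it points back into this application, so a crafted login link can send a freshly authenticated user to an arbitrary external site. The same pattern appears with `$_GET['redirect']` in `logout()`. PHP has already URL-decoded `$_GET`, so the `urldecode()` in what appears to be the new line is a second decode: it turns any `+` in the base64 payload into a space and can corrupt the decoded value. I would decode once and fall back to the login page unless the result is local, e.g. `$target = base64_decode($_GET['r'], true);` followed by `redirect(is_string($target) && strpos($target, base_url()) === 0 ? $target : base_url('login'));`. The method containing the login redirect starts outside the hunk.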
|
|
|
@ -37,6 +37,17 @@
|
|||
}
|
||||
}
|
||||
|
||||
public function logout() {
|
||||
delete_cookie('rememberMe');
|
||||
delete_cookie('rememberToken');
|
||||
|
||||
$userID = $_SESSION['user']['ID'];
|
||||
$this->db->query('UPDATE users SET isCurrentlyOnline = false, rememberToken = null WHERE ID = ?', [$userID]);
|
||||
|
||||
unset($_SESSION['user']);
|
||||
$_SESSION['loggedOut'] = true;
|
||||
}
|
||||
|
||||
public function getLoginData($username)
|
||||
{
|
||||
$this->db->cache_off();
|
||||
|
@ -53,6 +64,12 @@
|
|||
return $passwordHash;
|
||||
}
|
||||
|
||||
private function generateRandomUserHash($username) {
|
||||
$base = uniqid();
|
||||
$seed = $username . date(time());
|
||||
return md5($base . $seed);
|
||||
}
|
||||
|
||||
public function startLoginSession($logindata, $rememberMe)
|
||||
{
|
||||
$this->reloadLoginSession($logindata);
|
||||
|
@ -61,20 +78,14 @@
|
|||
|
||||
if ($rememberMe == 'on') {
|
||||
$expire = 3600 * 24 * 60;
|
||||
$userHash = $this->LoginModel->getUserHash($logindata['username'], $logindata['password'], $logindata['email'], $logindata['ID']);
|
||||
// $this->input->set_cookie('rememberMe', base64_encode($logindata['username']), $expire, base_url(), '/');
|
||||
// $this->input->set_cookie('token', $userHash, $expire, base_url(), '/');
|
||||
$userHash = base64_encode($logindata['username']);
|
||||
$loginHash = $this->generateRandomUserHash($userHash);
|
||||
$this->db->query('UPDATE users SET rememberToken = ? WHERE ID = ?', [$loginHash, $logindata['ID']]);
|
||||
|
||||
var_dump(get_cookie('rememberMe'));
|
||||
$domain = explode('/', base_url())[2];
|
||||
|
||||
echo 'fresh';
|
||||
var_dump($_COOKIE);
|
||||
$_COOKIE['rememberMe'] = base64_encode($logindata['username']);
|
||||
$_COOKIE['token'] = $userHash;
|
||||
echo 'tech';
|
||||
// var_dump(get_cookie('rememberMe'));
|
||||
// var_dump(get_cookie('token'));
|
||||
var_dump($_COOKIE);
|
||||
$this->input->set_cookie('rememberMe', $userHash, $expire, $domain, '/');
|
||||
$this->input->set_cookie('rememberToken', $loginHash, $expire, $domain, '/');
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -143,28 +154,20 @@
|
|||
if (isset($_SESSION['loggedOut']) && $_SESSION['loggedOut']) {
|
||||
return;
|
||||
}
|
||||
var_dump('test');
|
||||
if (!isset($_SESSION['user']) && isset($_COOKIE['rememberMe']) && isset($_COOKIE['token'])) {
|
||||
var_dump($_COOKIE);
|
||||
if (!isset($_SESSION['user']) && isset($_COOKIE['rememberMe']) && isset($_COOKIE['rememberToken'])) {
|
||||
$logindata = $this->getLoginData(base64_decode($_COOKIE['rememberMe']));
|
||||
if (!empty($logindata)) {
|
||||
$logindata = $logindata[0];
|
||||
$token = $this->getUserHash($logindata['username'], $logindata['password'], $logindata['email'], $logindata['ID']);
|
||||
$result = $this->db->query('SELECT rememberToken FROM users WHERE ID = ?', [$logindata['ID']])->result_array();
|
||||
$token = $result[0]['rememberToken'];
|
||||
|
||||
if ($_COOKIE['token'] == $token) {
|
||||
echo '<br> TEST! <br>';
|
||||
if ($token !== null && sizeof($token) == 32 && $_COOKIE['rememberToken'] == $token) {
|
||||
$this->startLoginSession($logindata, 'on');
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
public function getUserHash($username, $password, $email, $id)
|
||||
{
|
||||
$hash = hash('sha256', $id . '//' . $username . '//' . substr($password, 0, 5) . '//' . substr($email, 0, 5));
|
||||
return $hash;
|
||||
}
|
||||
|
||||
public function hashMailExists($emailHash, $activation_key)
|
||||
{
|
||||
$results = $this->db->query('SELECT ID FROM users WHERE MD5(email) = ? AND is_activated = 0 AND activation_key = ?', [$emailHash, $activation_key])->result_array();
|
||||
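Review bot: `generateRandomUserHash()` derives the remember-me token from `uniqid()`, the username and the current time and then applies `md5()`, all of which can be estimated, so a token that replaces the password for 60 days is predictable; `return bin2hex(random_bytes(16));` keeps the 32-character length and is unpredictable. In what appears to be the new cookie check, `sizeof($token) == 32` counts elements rather than characters (on a string it yields 1 with a warning on PHP 7.2+ and throws on PHP 8), so the condition as written cannot succeed. The `==` there is also a loose, non-constant-time comparison; `if (is_string($token) && strlen($token) === 32 && hash_equals($token, (string) $_COOKIE['rememberToken']))` addresses both. Consider storing only a hash of the token in `users.rememberToken` and passing the secure and httponly arguments to `set_cookie()`. The method containing the cookie check starts outside the hunk.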
|
|