novabbs
/
rocksolid-light
3
0
Fork 1
Code Issues 22 Pull Requests Releases Wiki Activity

Allow Logout without re-entering auth.

This commit is contained in:
Retro_Guy 2024-07-17 06:34:24 -07:00
parent c908cb71fb
commit 171be3cc17
1 changed files with 11 additions and 27 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

38
Rocksolid_Light/spoolnews/user.php
View File

@ -65,9 +65,6 @@ if (disable_page_by_user_agent($client_device, "bot", "User")) {
exit(); exit();
} }
// How long should cookie allow user to stay logged in?
// 14400 = 4 hours
$auth_expire = 14400;
$logged_in = false; $logged_in = false;
if (! isset($_POST['username'])) { if (! isset($_POST['username'])) {
$_POST['username'] = $_COOKIE['mail_name']; $_POST['username'] = $_COOKIE['mail_name'];
@ -86,22 +83,7 @@ if ((password_verify($_POST['username'] . $keys[0] . get_user_config($_POST['use
if ($ip_pass) { if ($ip_pass) {
$_SESSION['pass'] = true; $_SESSION['pass'] = true;
} }
$authkey = password_hash($_POST['username'] . $keys[0] . get_user_config($_POST['username'], 'encryptionkey'), PASSWORD_DEFAULT); set_user_logged_in_cookies($name, $keys);
$pkey = hash('crc32', get_user_config($_POST['username'], 'encryptionkey'));
set_user_config(strtolower($_POST['username']), "pkey", $pkey);
?>
<script type="text/javascript">
if (navigator.cookieEnabled)
var authcookie = "<?php echo $authkey; ?>";
var savename = "<?php echo stripslashes($name); ?>";
var auth_expire = "<?php echo $auth_expire; ?>";
var name_expire = "7776000";
var pkey = "<?php echo $pkey; ?>";
document.cookie = "mail_auth="+authcookie+"; max-age="+auth_expire+"; path=/";
document.cookie = "mail_name="+savename+"; max-age="+name_expire+"; path=/";
document.cookie = "pkey="+pkey+"; max-age="+name_expire+"; path=/";
</script>
<?php
$logged_in = true; $logged_in = true;
} else { } else {
echo 'Authentication Required'; echo 'Authentication Required';
@ -143,14 +125,16 @@ if ($logged_in == true) {
echo '<button class="np_button_link" type="submit">Configuration</button>'; echo '<button class="np_button_link" type="submit">Configuration</button>';
echo '</form>'; echo '</form>';
echo '</td>'; echo '</td>';
// Logout button }
echo '<td>'; if ((isset($_COOKIE["mail_name"]))) {
echo '<form target="' . $frame['content'] . '" method="post" action="user.php">'; // Logout button
echo '<input name="command" type="hidden" id="command" value="Logout" readonly="readonly">'; echo '<td>';
echo "<input type='hidden' name='username' value='" . $_POST['username'] . "' />"; echo '<form target="' . $frame['content'] . '" method="post" action="user.php">';
echo '<button class="np_button_link" type="submit">Logout</button>'; echo '<input name="command" type="hidden" id="command" value="Logout" readonly="readonly">';
echo '</form>'; echo "<input type='hidden' name='username' value='" . $_POST['username'] . "' />";
echo '</td>'; echo '<button class="np_button_link" type="submit">Logout</button>';
echo '</form>';
echo '</td>';
} }
echo '<td width=100%></td></tr></table>'; echo '<td width=100%></td></tr></table>';