summaryrefslogtreecommitdiffstats
path: root/lib/user.php
diff options
context:
space:
mode:
authorBartek Przybylski <bart.p.pl@gmail.com>2011-09-18 15:05:53 +0200
committerBartek Przybylski <bart.p.pl@gmail.com>2011-09-18 15:05:53 +0200
commit94696ea7dec2931f1e700a5e5261bd1dfabf3705 (patch)
tree9f2e65584e4061ace1591974f67d95b46028a678 /lib/user.php
parent68e7666293f65670242c76f8fa269c88f7fdc267 (diff)
downloadnextcloud-server-94696ea7dec2931f1e700a5e5261bd1dfabf3705.tar.gz
nextcloud-server-94696ea7dec2931f1e700a5e5261bd1dfabf3705.zip
remember changed not to store password in cookie
Diffstat (limited to 'lib/user.php')
-rw-r--r--lib/user.php32
1 files changed, 19 insertions, 13 deletions
diff --git a/lib/user.php b/lib/user.php
index 72dfd7970bb..3e73b2f1008 100644
--- a/lib/user.php
+++ b/lib/user.php
@@ -194,16 +194,22 @@ class OC_User {
if( $run ){
$uid=self::checkPassword( $uid, $password );
if($uid){
- $_SESSION['user_id'] = $uid;
OC_Crypt::init($uid,$password);
- OC_Hook::emit( "OC_User", "post_login", array( "uid" => $uid ));
- return true;
- }else{
- return false;
+ return self::setUserId($uid);
}
- }else{
- return false;
}
+ return false;
+ }
+
+ /**
+ * @brief Sets user id for session and triggers emit
+ * @returns true
+ *
+ */
+ public static function setUserId($uid) {
+ $_SESSION['user_id'] = $uid;
+ OC_Hook::emit( "OC_User", "post_login", array( "uid" => $uid ));
+ return true;
}
/**
@@ -215,7 +221,7 @@ class OC_User {
public static function logout(){
OC_Hook::emit( "OC_User", "logout", array());
$_SESSION['user_id'] = false;
- OC_User::unsetUsernameInCookie();
+ OC_User::unsetMagicInCookie();
return true;
}
@@ -341,21 +347,21 @@ class OC_User {
* @brief Set cookie value to use in next page load
* @param string $username username to be set
*/
- public static function setUsernameInCookie($username, $password){
+ public static function setMagicInCookie($username, $token){
setcookie("oc_username", $username, time()+60*60*24*15);
- setcookie("oc_password", $password, time()+60*60*24*15);
+ setcookie("oc_token", $token, time()+60*60*24*15);
setcookie("oc_remember_login", true, time()+60*60*24*15);
}
/**
* @brief Remove cookie for "remember username"
*/
- public static function unsetUsernameInCookie(){
+ public static function unsetMagicInCookie(){
unset($_COOKIE["oc_username"]);
- unset($_COOKIE["oc_password"]);
+ unset($_COOKIE["oc_token"]);
unset($_COOKIE["oc_remember_login"]);
setcookie("oc_username", NULL, -1);
- setcookie("oc_password", NULL, -1);
+ setcookie("oc_token", NULL, -1);
setcookie("oc_remember_login", NULL, -1);
}
}