From 60ed4c9ad50e10dc2e91991de32df5e9289ceda6 Mon Sep 17 00:00:00 2001 From: Andrew Dolgov Date: Thu, 28 Mar 2013 09:09:41 +0400 Subject: [PATCH] add yet another workaround for stuck login due to session cookies --- classes/handler/public.php | 5 ++--- include/sessions.php | 7 +++++++ 2 files changed, 9 insertions(+), 3 deletions(-) diff --git a/classes/handler/public.php b/classes/handler/public.php index 51e50adc8..798e96343 100644 --- a/classes/handler/public.php +++ b/classes/handler/public.php @@ -492,9 +492,6 @@ class Handler_Public extends Handler { } function login() { - @session_destroy(); - @session_start(); - $_SESSION["prefs_cache"] = array(); if (!SINGLE_USER_MODE) { @@ -503,6 +500,8 @@ class Handler_Public extends Handler { $password = $_POST["password"]; $remember_me = $_POST["remember_me"]; + @session_start(); + if (authenticate_user($this->link, $login, $password)) { $_POST["password"] = ""; diff --git a/include/sessions.php b/include/sessions.php index a83daea82..acb2fc38d 100644 --- a/include/sessions.php +++ b/include/sessions.php @@ -107,6 +107,13 @@ if (!defined('TTRSS_SESSION_NAME') || TTRSS_SESSION_NAME != 'ttrss_api_sid') { if ($_COOKIE[$session_name]) { @session_start(); + + if (!$_SESSION["uid"]) { + session_destroy(); + if (isset($_COOKIE[session_name()])) { + setcookie(session_name(), '', time()-42000, '/'); + } + } } } ?>