aboutsummaryrefslogtreecommitdiff
path: root/frontend/lib/session.class.php
diff options
context:
space:
mode:
Diffstat (limited to 'frontend/lib/session.class.php')
-rw-r--r--frontend/lib/session.class.php53
1 files changed, 22 insertions, 31 deletions
diff --git a/frontend/lib/session.class.php b/frontend/lib/session.class.php
index b1f7208..683bf73 100644
--- a/frontend/lib/session.class.php
+++ b/frontend/lib/session.class.php
@@ -2,7 +2,7 @@
/*
Cheetah News lib/session.class.php
- Copyright (C) 2005, 2006, 2007, 2008 Wojciech Polak.
+ Copyright (C) 2005, 2006, 2007, 2008, 2010 Wojciech Polak.
This program is free software; you can redistribute it and/or modify it
under the terms of the GNU General Public License as published by the
@@ -18,7 +18,7 @@
with this program. If not, see <http://www.gnu.org/licenses/>.
*/
-function start_session ($persistentCookie, $noCache = true, $age = 30)
+function start_session ($persistentCookie, $noCache=true, $age=30)
{
global $session;
@@ -87,7 +87,7 @@ class Session
$this->status['iflogged'] = '';
}
- function login ($email, $pass, $feedurl='')
+ function login ($email, $pass)
{
global $CONF;
@@ -131,10 +131,10 @@ class Session
$db->query ("UPDATE user SET lastLog='".gmdate ('Y-m-d H:i:s')."', ".
"active='yes', failogCount=0 WHERE id='".$this->id."'");
- $r = $CONF['secureProto'].'://'.$CONF['site'].'/rd';
- if (!empty ($feedurl))
- $r .= '?feedurl=' . urlencode ($feedurl);
- redirect ($r);
+ if (isset ($_SERVER['HTTPS']))
+ redirect ($CONF['secureProto'].'://'.$CONF['site'].'/rd');
+ else
+ redirect ('http://'.$CONF['site'].'/');
}
else /* failog, protection against dictionary attack */
{
@@ -145,14 +145,14 @@ class Session
}
}
- function openid1 ($openid_identifier, $feedurl='')
+ function openid1 ($openid_identifier)
{
global $CONF;
session_regenerate_id ();
- $process_url = $CONF['secureProto'].'://'.$CONF['site'].'/login';
- $trust_root = $CONF['secureProto'].'://'.$CONF['site'].'/';
+ $process_url = 'http://'.$CONF['site'].'/login';
+ $trust_root = 'http://'.$CONF['site'].'/';
$store = new Auth_OpenID_FileStore ($CONF['openIdStorePath']);
$consumer = new Auth_OpenID_Consumer ($store);
@@ -180,7 +180,7 @@ class Session
redirect ($redirect_url);
}
- function openid2 ($identity, $email, $feedurl='')
+ function openid2 ($identity, $email)
{
global $CONF;
@@ -208,10 +208,10 @@ class Session
$db->query ("UPDATE user SET lastLog='".gmdate ('Y-m-d H:i:s')."', ".
"active='yes' WHERE id='".$this->id."'");
- $r = $CONF['secureProto'].'://'.$CONF['site'].'/rd';
- if (!empty ($feedurl))
- $r .= '?feedurl=' . urlencode ($feedurl);
- redirect ($r);
+ if (isset ($_SERVER['HTTPS']))
+ redirect ($CONF['secureProto'].'://'.$CONF['site'].'/rd');
+ else
+ redirect ('http://'.$CONF['site'].'/');
}
else
return "OpenID account match error";
@@ -243,7 +243,7 @@ class Session
return _("New OpenID accounts without email address are not supported.");
}
- function fb_login (&$fb, $fb_uid, $insideFB=false, $feedurl='')
+ function fb_login (&$fb, $fb_uid, $insideFB=false)
{
global $CONF;
@@ -262,15 +262,10 @@ class Session
$db->query ("UPDATE user SET lastLog='".gmdate ('Y-m-d H:i:s')."', ".
"active='yes' WHERE id='".$this->id."'");
- if ($insideFB) {
+ if ($insideFB)
$r = 'http://'.$CONF['site'].'/reader?insideFB=1';
- }
- else {
- if (!empty ($feedurl))
- $r = 'http://'.$CONF['site'].'/rd?feedurl='.urlencode ($feedurl);
- else
- $r = 'http://'.$CONF['site'].'/';
- }
+ else
+ $r = 'http://'.$CONF['site'].'/';
redirect ($r);
}
else
@@ -328,7 +323,7 @@ class Session
redirect ('http://'.$CONF['site'].'/');
}
- function auth ($res, $feedurl = '')
+ function auth ($res)
{
global $_ARGS, $CONF;
@@ -359,12 +354,8 @@ class Session
}
else if ($res == 'iflogged')
return false;
- else {
- $r = 'http://'.$CONF['site'].'/login';
- if (!empty ($feedurl))
- $r .= '?feedurl=' . urlencode ($feedurl);
- redirect ($r);
- }
+ else
+ redirect ('http://'.$CONF['site'].'/login');
}
}

Return to:

Send suggestions and report system problems to the System administrator.