
Fixes to login.

Nathaniel van Diepen 10 years ago
parent
commit
772b23cce3
3 changed files with 15 additions and 9 deletions
  1. 9 2
      js/index.js
  2. 1 2
      php/security.php
  3. 5 5
      php/user.php

+ 9 - 2
js/index.js

@@ -7,8 +7,15 @@
 			return typeof v != 'undefined';
 		},
 		setKey = window.setKey = function(key){
-			Key = key;
-			$.cookie('key',key);
+			if(key !== null){
+				console.log('Key change to '+key);
+				Key = key;
+				$.cookie('key',key,{expires:7});
+			}else{
+				console.log('Key deleted');
+				Key = null;
+				$.cookie('key',null,{expires:-7});
+			}
 		},
 		getKey = window.getKey = function(){
 			return Key;
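Review bot: The added `console.log('Key change to '+key);` in setKey writes the session key itself to the browser console, so it ends up in any captured console output and is readable by anyone with access to the browser. Log the event without the value, e.g. `console.log('Key changed');`, or drop the line outside of debugging. The cookie options on the following line set only `expires`; if the site is served over HTTPS, jquery.cookie's `secure: true` option would keep the key off plain-HTTP requests.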

+ 1 - 2
php/security.php

@@ -17,7 +17,7 @@
 	}
 	function authenticate(){
 		global $SESSION;
-		if(isset($_GET['key'])&&isset($SESSION['key'])&&isset($SESSION['username'])&&isUser($SESSION['usernamed'])){
+		if(isset($_GET['key'])&&isset($SESSION['key'])&&isset($SESSION['username'])&&isUser($SESSION['username'])){
 			if($_GET['key'] != $SESSION['key']){
 				setKey(null);
 				retj(Array('error'=>'Invalid key, you were logged out.'));
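Review bot: The key check `$_GET['key'] != $SESSION['key']` uses PHP's loose comparison, which is neither type-strict nor constant-time; numeric-looking strings such as `'1e3'` and `'1000'` compare equal under it. Prefer `if(!is_string($_GET['key']) || !hash_equals((string)$SESSION['key'],$_GET['key'])){` (hash_equals needs PHP 5.6 or later; use `!==` where it is unavailable). The key also arrives in the query string, so it is recorded in server access logs and can leak through Referer headers; a request header or POST body would avoid that. authenticate() continues past the end of this hunk, so its remaining branches are not visible here.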
@@ -32,7 +32,6 @@
 		if($key == null){
 			unset($SESSION['key']);
 			unset($SESSION['username']);
-			setcookie('key','',time()-3600);
 		}else{
 			$SESSION['key'] = $key;
 			setcookie('key',$key,time()+3600);
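Review bot: With the server-side `setcookie('key','',time()-3600)` removed, the logout branch of setKey() no longer expires the cookie itself and depends on the client script doing so; a client that ignores the error response keeps sending the stale key. The remaining `setcookie('key',$key,time()+3600);` passes no path, Secure or HttpOnly arguments, and its one-hour lifetime differs from the seven days used by `$.cookie('key',key,{expires:7})` in js/index.js. Consider letting one side own the cookie; if that is the server, `setcookie('key',$key,time()+3600,'/','',true,true);` would do, assuming HTTPS and that the page script does not need to read the cookie. setKey() starts and ends outside this hunk.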

+ 5 - 5
php/user.php

@@ -4,16 +4,16 @@
 	require_once(PATH_PHP.'security.php');
 	$mysqli = $GLOBALS['mysqli'];
 	function addUser($username,$password,$email){
-		$mysqli = $GLOBALS['mysqli'];
+		global $mysqli;
 		$salt = $mysqli->escape_string(salt());
 		$email = $mysqli->escape_string($email);
 		$username = $mysqli->escape_string($username);
 		$hash = $mysqli->escape_string(saltedHash($password,$salt));
-		return $mysqli->query("INSERT INTO `".get("database")."`.`users` (email,name,password,salt) VALUES ('{$email}','{$username}','{$hash}','{$salt}')");
+		return query("INSERT INTO `users` (email,name,password,salt) VALUES ('%s','%s','%s','%s')",Array($email,$username,$hash,$salt));
 	}
 	function login($username,$password){
-		$mysqli = $GLOBALS['mysqli'];
-		if($res = $mysqli->query("SELECT name,password,salt FROM `".get("database")."`.`users` WHERE name = '{$username}'")){
+		global $mysqli;
+		if($res = query("SELECT name,password,salt FROM `users` WHERE name = '%s'",Array($username))){
 			if($res->num_rows == 1){
 				$row = $res->fetch_assoc();
 				if(compareSaltedHash($password,$row['salt'],$row['password'])){
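Review bot: addUser() and login() now disagree about who escapes the values: addUser() runs every value through `$mysqli->escape_string()` before handing it to `query()`, while login() passes `$username` straight through. The `query()` helper is not shown, but one of the two is wrong either way: if it escapes its arguments, addUser() double-escapes and stores altered name, email and salt values; if it only does sprintf-style substitution, login() builds SQL from unescaped input. Escaping should live in one place, ideally a prepared statement inside `query()` (`$mysqli->prepare(...)` with `bind_param`). The `global $mysqli;` added to login() appears unused in the visible lines, and login() continues beyond the hunk.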
@@ -24,7 +24,7 @@
 		return false;
 	}
 	function isUser($name){
-		if(query("SELECT id FROM `".get('database')."`.`users` WHERE name='%s'",Array($name))){
+		if(query("SELECT id FROM `users` WHERE name='%s'",Array($name))){
 			return true;
 		}else{
 			return false;
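Review bot: isUser() returns true whenever `query()` returns a truthy value, and login() above treats that same return value as a result object with `num_rows`, so a SELECT that matches zero rows would presumably still count as an existing user. Since authenticate() in php/security.php relies on isUser(), assign the result to `$res` and check the row count, e.g. `return $res && $res->num_rows == 1;`. The closing lines of isUser() are outside the hunk.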