Sandro Santilli
05b6891e89
Allow specifying cookie lifetime via config variable
...
Tweak $a->config['system']['auth_cookie_lifetime']
2017-04-21 16:15:39 +02:00
Sandro Santilli
e9f1a2e276
Expire log-in cookie in 90 days rather than 7
2017-04-21 15:16:12 +02:00
Sandro Santilli
8517ba1fab
Remove extra space after open parentheses
2017-03-13 23:08:03 +01:00
Sandro Santilli
cbaf196f50
Only remove the "remember me" cookie at submitting the auth form
...
Fixes loss of remember (Friendica) cookie on switching Managed accounts
2017-03-13 11:59:05 +01:00
Sandro Santilli
df6304cc42
Fix "remember me" cookie for OpenID logins
...
Closes #2432
NOTE: in order to obtain the same "cookie hash" it was required
to include unneeded fields in the user record structure, this would
be good to change in the future...
2017-03-12 01:11:35 +01:00
Roland Häder
884f44ce94
*much* more usage of App::get_baseurl() instead of $a->get_baseurl() (coding convention applied)
...
Signed-off-by: Roland Häder <roland@mxchange.org>
2016-12-19 14:27:16 +01:00
Roland Häder
6a8a36f12d
More usage of dbm::is_result($r) instead of count($r):
...
- count() returns very different results and never a boolean (not even false on
error condition).
- therefore you should NOT use it in boolean expressions. This still *can* be
done in PHP because of its lazyness. But it is discouraged if it comes to
more clean code.
Signed-off-by: Roland Häder <roland@mxchange.org>
2016-12-13 10:44:13 +01:00
Michael Vogel
18aa43e6f6
Code redesign and comments
2016-04-25 22:10:45 +02:00
Michael Vogel
2c75a0fefc
Minor session stuff
2016-04-25 20:43:40 +02:00
Michael Vogel
8c2a4fe02a
We now work with a hash to avoid cookie manipulation
2016-04-25 11:19:42 +02:00
Michael Vogel
a214fc798a
"Remember Me" should work now but needs more fine tuning
2016-04-25 07:10:40 +02:00
Michael Vogel
b4369d51f5
Improved "remember me" functionality
2016-04-25 00:02:43 +02:00
Michael Vogel
952f8514a5
"remember me" in session does work now
2016-04-05 23:28:33 +02:00
Michael Vogel
5b94c4fe41
Yes is no and no is yes ...
2015-12-25 19:57:38 +01:00
Michael Vogel
61956e1098
There is now a config value for the session management to not use the database
2015-12-22 22:11:08 +01:00
Michael Vogel
307beb47fd
Merge remote-tracking branch 'upstream/develop' into 1512-ostatus-comment
...
Conflicts:
include/ostatus.php
2015-12-22 11:25:37 +01:00
Zach Prezkuta
f0f8d0f687
delete cookie on browser close after logout
2012-12-24 12:52:49 -07:00
Zach Prezkuta
ac164cfca8
refresh login time every 12 hours for 'Remember me'
2012-11-08 17:00:37 -07:00
Zach Prezkuta
e116712bf5
add ability to remember logged in user after browser closes
2012-11-07 18:59:30 -07:00
zottel
7de5c7ebe1
Changes to make contacts delete all content from the user when a user is deleted.
...
NOTE: I didn't add "AND account_removed = 0" to facebook.php because I don't
have a clone of the addons repository. Please someone do that for me. Thanks.
Please check carefully. I tested locally on my server, but not with other
servers.
2012-11-02 21:43:47 +01:00
friendica
02251f23df
undefined fn: init_groups_visitor in mod_profile, rev update
2012-10-21 14:41:10 -07:00
Zach Prezkuta
77529ccdf1
allow individual choice of mobile themes
2012-09-06 17:24:34 -06:00
friendica
08941d4285
handle multiple underscores in D* links
2012-05-26 23:46:42 -07:00
friendica
b43b680802
clear submanage, etc from session on logout
2012-05-22 18:05:58 -07:00
Alexander Kampmann
355c42cb30
Merge branch 'master' of https://github.com/friendica/friendica
...
Conflicts:
include/config.php
update.php
2012-04-05 13:39:15 +02:00
Tobias Diekershoff
17c908973f
catch OpenID login errors in cases when the OpenID server does not answers
2012-03-30 15:19:17 +02:00
friendica
5a5aadb743
add IP address to failed login log message
2012-03-19 21:58:21 -07:00
friendica
a156ce196e
Merge pull request #150 from fabrixxm/master
...
Add "logging_out" hook
2012-03-19 15:29:32 -07:00
friendica
9e133d6412
refactor openid logins/registrations
2012-03-19 15:03:09 -07:00
Fabio Comuni
c30342e2f7
add 'loggin_out' hook
2012-03-12 15:58:59 +01:00
friendica
ada2a555dc
sql typo in auto-friend with D*
2012-02-15 23:58:28 -08:00
friendica
8aa2552372
add remove_user hook (it looks like dreamhost changed all my file permissions, this will make a nasty commit)
2012-01-18 16:21:30 -08:00
friendica
4b6990e1ff
modularise successful authentication
2012-01-12 15:46:39 -08:00
Fabio Comuni
de44072172
works on login form
2011-10-17 16:53:59 +02:00
Friendika
5b3f645939
account expiration structures
2011-09-18 19:53:45 -07:00
Friendika
8f6ae2b660
missing salmon key? report it.
2011-08-24 20:40:08 -07:00
Friendika
2637831d90
some more zot changes migrating back to f9a mainline
2011-08-01 21:02:25 -07:00
Friendika
00c548cc8f
new member page
2011-06-03 06:12:34 -07:00
Friendika
78b2db3a98
Merge branch 'fabrixxm-master'
...
Conflicts:
boot.php
2011-05-23 18:17:02 -07:00
Friendika
3e6180183b
improved browser language detect, set user language on login
2011-05-23 17:18:36 -07:00
Fabio Comuni
e1107b55c6
add info() function. Works like notice() but show messages in a div with class info-message.
...
update code to use info() instead of notice() when appropriate (non-error message)
add info-message class style in themes
2011-05-23 11:39:57 +02:00
Friendika
730322ee5f
bug #70 - error messages on group deletion, warning cleanup
2011-05-15 16:36:49 -07:00
Friendika
a5e0190f23
missing self photo on remote site comment boxes
2011-05-09 22:15:19 -07:00
Friendika
a0e7d8fa00
redirect to profile photo upload on very first login
2011-04-23 17:31:23 -07:00
Friendika
377f991ac5
switch identities to manage pages
2011-03-01 20:18:47 -08:00
Friendika
5bfb0ba4c2
birthday notifications working
2011-01-13 20:28:33 -08:00
Friendika
fd9b506c2f
Add sample external authentication plugin (ldap)
2010-12-27 14:59:26 -08:00
Friendika
c217e9da34
add authentication plugin hooks
2010-12-24 15:59:12 -08:00
Friendika
f60f82727f
register/login timestamps
2010-12-16 16:35:45 -08:00
Friendika
67e827e128
paranoid option to reduce session hijacking by enforcing an IP match on session validation. This is not claimed to be a perfect solution to the problem by any stretch, it merely raises the bar on the script kiddies to the detriment of those whose dynamic IPs aren't long lived. For these reasons it is opt-in.
2010-11-29 23:16:14 -08:00