Commit Graph

78 Commits

Author SHA1 Message Date
Sandro Santilli e9f1a2e276 Expire log-in cookie in 90 days rather than 7 2017-04-21 15:16:12 +02:00
Sandro Santilli 8517ba1fab Remove extra space after open parentheses 2017-03-13 23:08:03 +01:00
Sandro Santilli cbaf196f50 Only remove the "remember me" cookie at submitting the auth form
Fixes loss of remember (Friendica) cookie on switching Managed accounts
2017-03-13 11:59:05 +01:00
Sandro Santilli df6304cc42 Fix "remember me" cookie for OpenID logins
Closes #2432

NOTE: in order to obtain the same "cookie hash" it was required
to include unneeded fields in the user record structure, this would
be good to change in the future...
2017-03-12 01:11:35 +01:00
Roland Häder 884f44ce94 *much* more usage of App::get_baseurl() instead of $a->get_baseurl() (coding convention applied)
Signed-off-by: Roland Häder <roland@mxchange.org>
2016-12-19 14:27:16 +01:00
Roland Häder 6a8a36f12d More usage of dbm::is_result($r) instead of count($r):
- count() returns very different results and never a boolean (not even false on
  error condition).
- therefore you should NOT use it in boolean expressions. This still *can* be
  done in PHP because of its lazyness. But it is discouraged if it comes to
  more clean code.

Signed-off-by: Roland Häder <roland@mxchange.org>
2016-12-13 10:44:13 +01:00
Michael Vogel 18aa43e6f6 Code redesign and comments 2016-04-25 22:10:45 +02:00
Michael Vogel 2c75a0fefc Minor session stuff 2016-04-25 20:43:40 +02:00
Michael Vogel 8c2a4fe02a We now work with a hash to avoid cookie manipulation 2016-04-25 11:19:42 +02:00
Michael Vogel a214fc798a "Remember Me" should work now but needs more fine tuning 2016-04-25 07:10:40 +02:00
Michael Vogel b4369d51f5 Improved "remember me" functionality 2016-04-25 00:02:43 +02:00
Michael Vogel 952f8514a5 "remember me" in session does work now 2016-04-05 23:28:33 +02:00
Michael Vogel 5b94c4fe41 Yes is no and no is yes ... 2015-12-25 19:57:38 +01:00
Michael Vogel 61956e1098 There is now a config value for the session management to not use the database 2015-12-22 22:11:08 +01:00
Michael Vogel 307beb47fd Merge remote-tracking branch 'upstream/develop' into 1512-ostatus-comment
Conflicts:
	include/ostatus.php
2015-12-22 11:25:37 +01:00
Zach Prezkuta f0f8d0f687 delete cookie on browser close after logout 2012-12-24 12:52:49 -07:00
Zach Prezkuta ac164cfca8 refresh login time every 12 hours for 'Remember me' 2012-11-08 17:00:37 -07:00
Zach Prezkuta e116712bf5 add ability to remember logged in user after browser closes 2012-11-07 18:59:30 -07:00
zottel 7de5c7ebe1 Changes to make contacts delete all content from the user when a user is deleted.
NOTE: I didn't add "AND account_removed = 0" to facebook.php because I don't
have a clone of the addons repository. Please someone do that for me. Thanks.

Please check carefully. I tested locally on my server, but not with other
servers.
2012-11-02 21:43:47 +01:00
friendica 02251f23df undefined fn: init_groups_visitor in mod_profile, rev update 2012-10-21 14:41:10 -07:00
Zach Prezkuta 77529ccdf1 allow individual choice of mobile themes 2012-09-06 17:24:34 -06:00
friendica 08941d4285 handle multiple underscores in D* links 2012-05-26 23:46:42 -07:00
friendica b43b680802 clear submanage, etc from session on logout 2012-05-22 18:05:58 -07:00
Alexander Kampmann 355c42cb30 Merge branch 'master' of https://github.com/friendica/friendica
Conflicts:
	include/config.php
	update.php
2012-04-05 13:39:15 +02:00
Tobias Diekershoff 17c908973f catch OpenID login errors in cases when the OpenID server does not answers 2012-03-30 15:19:17 +02:00
friendica 5a5aadb743 add IP address to failed login log message 2012-03-19 21:58:21 -07:00
friendica a156ce196e Merge pull request #150 from fabrixxm/master
Add "logging_out" hook
2012-03-19 15:29:32 -07:00
friendica 9e133d6412 refactor openid logins/registrations 2012-03-19 15:03:09 -07:00
Fabio Comuni c30342e2f7 add 'loggin_out' hook 2012-03-12 15:58:59 +01:00
friendica ada2a555dc sql typo in auto-friend with D* 2012-02-15 23:58:28 -08:00
friendica 8aa2552372 add remove_user hook (it looks like dreamhost changed all my file permissions, this will make a nasty commit) 2012-01-18 16:21:30 -08:00
friendica 4b6990e1ff modularise successful authentication 2012-01-12 15:46:39 -08:00
Fabio Comuni de44072172 works on login form 2011-10-17 16:53:59 +02:00
Friendika 5b3f645939 account expiration structures 2011-09-18 19:53:45 -07:00
Friendika 8f6ae2b660 missing salmon key? report it. 2011-08-24 20:40:08 -07:00
Friendika 2637831d90 some more zot changes migrating back to f9a mainline 2011-08-01 21:02:25 -07:00
Friendika 00c548cc8f new member page 2011-06-03 06:12:34 -07:00
Friendika 78b2db3a98 Merge branch 'fabrixxm-master'
Conflicts:
	boot.php
2011-05-23 18:17:02 -07:00
Friendika 3e6180183b improved browser language detect, set user language on login 2011-05-23 17:18:36 -07:00
Fabio Comuni e1107b55c6 add info() function. Works like notice() but show messages in a div with class info-message.
update code to use info() instead of notice() when appropriate (non-error message)
add info-message class style in themes
2011-05-23 11:39:57 +02:00
Friendika 730322ee5f bug #70 - error messages on group deletion, warning cleanup 2011-05-15 16:36:49 -07:00
Friendika a5e0190f23 missing self photo on remote site comment boxes 2011-05-09 22:15:19 -07:00
Friendika a0e7d8fa00 redirect to profile photo upload on very first login 2011-04-23 17:31:23 -07:00
Friendika 377f991ac5 switch identities to manage pages 2011-03-01 20:18:47 -08:00
Friendika 5bfb0ba4c2 birthday notifications working 2011-01-13 20:28:33 -08:00
Friendika fd9b506c2f Add sample external authentication plugin (ldap) 2010-12-27 14:59:26 -08:00
Friendika c217e9da34 add authentication plugin hooks 2010-12-24 15:59:12 -08:00
Friendika f60f82727f register/login timestamps 2010-12-16 16:35:45 -08:00
Friendika 67e827e128 paranoid option to reduce session hijacking by enforcing an IP match on session validation. This is not claimed to be a perfect solution to the problem by any stretch, it merely raises the bar on the script kiddies to the detriment of those whose dynamic IPs aren't long lived. For these reasons it is opt-in. 2010-11-29 23:16:14 -08:00
Friendika 62bb471ba0 localise login template, allow openid to be disabled 2010-11-28 20:58:23 -08:00