login system fixes (4)

This commit is contained in:
Andrew Dolgov 2007-03-01 14:33:29 +01:00
parent a885f0ec2a
commit c12510cd4d
1 changed files with 4 additions and 2 deletions

View File

@ -1191,7 +1191,7 @@
}
}
if ($_COOKIE["ttrss_sid"]) {
if ($_COOKIE[get_session_cookie_name()]) {
require_once "sessions.php";
}
@ -1204,7 +1204,7 @@
$login_action = $_POST["login_action"];
# try to authenticate user if called from login form
if ($login_action == "do_login") {
if ($login_action == "do_login" && !$_SESSION["uid"]) {
$login = $_POST["login"];
$password = $_POST["password"];
$remember_me = $_POST["remember_me"];
@ -1217,6 +1217,8 @@
require_once "sessions.php";
session_regenerate_id();
if (authenticate_user($link, $login, $password)) {
$_POST["password"] = "";