diff options
| author | Karl 'vollmerk' Vollmer <vollmer@ampache.org> | 2009-12-23 14:54:45 +0000 |
|---|---|---|
| committer | Karl 'vollmerk' Vollmer <vollmer@ampache.org> | 2009-12-23 14:54:45 +0000 |
| commit | 7e1e044abaf26c10db6774e699059d37e10aa0cb (patch) | |
| tree | 94d340ccf48f697fb8746241cbe9bbde9f2e4153 | |
| parent | d8ea07a04acc03160ac73f5db2a9249890e5fd13 (diff) | |
| download | ampache-7e1e044abaf26c10db6774e699059d37e10aa0cb.tar.gz ampache-7e1e044abaf26c10db6774e699059d37e10aa0cb.tar.bz2 ampache-7e1e044abaf26c10db6774e699059d37e10aa0cb.zip | |
make it actually extend the session, also improve debug on the image page
| -rw-r--r-- | image.php | 2 | ||||
| -rw-r--r-- | lib/class/shoutbox.class.php | 4 | ||||
| -rw-r--r-- | lib/init.php | 7 |
3 files changed, 9 insertions, 4 deletions
@@ -32,7 +32,7 @@ require 'lib/init.php'; // Check to see if they've got an interface session or a valid API session, if not GTFO if (!vauth::session_exists('interface',$_COOKIE[Config::get('session_name')]) AND !vauth::session_exists('api',$_REQUEST['auth']) AND !vauth::session_exists('xml-rpc',$_REQUEST['auth'])) { - debug_event('DENIED','Image Access, Checked Cookie Session and Auth:' . $_REQUEST['auth'],'1'); + debug_event('DENIED','Image Access, Checked Cookie Session:' . $_COOKIE[Config::get('session_name')] . ' and Auth:' . $_REQUEST['auth'],'1'); exit; } diff --git a/lib/class/shoutbox.class.php b/lib/class/shoutbox.class.php index d0c591d3..80da983d 100644 --- a/lib/class/shoutbox.class.php +++ b/lib/class/shoutbox.class.php @@ -69,7 +69,7 @@ class shoutBox { // If we've already got too many stop here if (count($shouts) > $limit) { - $shouts = array_slice(0,$limit,$shouts); + $shouts = array_slice($shouts,0,$limit); return $shouts; } @@ -213,7 +213,7 @@ class shoutBox { public function delete($shout_id) { // Delete the shoutbox post - + $shout_id = Dba::escape($shout_id); $sql = "DELETE FROM `user_shout` WHERE `id`='$shout_id'"; $db_results = Dba::write($sql); diff --git a/lib/init.php b/lib/init.php index 7b0361d1..3405a754 100644 --- a/lib/init.php +++ b/lib/init.php @@ -200,7 +200,10 @@ if (in_array("http",$results['auth_methods']) AND empty($_COOKIE[$session_name]) // If we want a session if (NO_SESSION != '1' AND Config::get('use_auth')) { /* Verify Their session */ - if (!vauth::check_session()) { vauth::logout(session_id()); exit; } + if (!vauth::session_exists('interface',$_COOKIE[Config::get('session_name')])) { vauth::logout($_COOKIE[Config::get('session_name')]); exit; } + + // This actually is starting the session + vauth::check_session(); /* Create the new user */ $GLOBALS['user'] = User::get_from_username($_SESSION['userdata']['username']); @@ -208,6 +211,8 @@ if (NO_SESSION != '1' AND Config::get('use_auth')) { /* If they user ID doesn't exist deny them */ if (!$GLOBALS['user']->id AND !Config::get('demo_mode')) { vauth::logout(session_id()); exit; } + vauth::session_extend(session_id()); + /* Load preferences and theme */ $GLOBALS['user']->update_last_seen(); } |