Browse Source

allow permanent login (cookie)

master
Fabian Kurz 2 years ago
parent
commit
79d6222f50
  1. 26
      index.php
  2. 11
      login.php

26
index.php

@ -369,6 +369,32 @@ If you like to start over (re-upload your whole log), you can delete all QSOs th
<?
}
else {
# first check if there's a valid cookie
$id = $_COOKIE['cwops_id']+0;
$hash = $_COOKIE['cwops_hash'];
if (is_int($id) and preg_match("/^[a-f0-9]{40}$/", $hash)) {
$redis = new Redis();
$redis->connect('127.0.0.1', 6379);
$h = $redis->hget("cwops_sessions", $_COOKIE['cwops_id']);
if ($h == $_COOKIE['cwops_hash']) { # correct cookie
$q = mysqli_query($db, "SELECT * from cwops_users where id='$id'");
$user = mysqli_fetch_object($q);
if ($user) {
$_SESSION['id'] = $user->id;
$_SESSION['callsign'] = $user->callsign;
$_SESSION['email'] = $user->email;
error_log("successful login of ".$user->callsign." (via cookie)");
?>
<a href="/">Welcome back... Click here if you are not logged in automatically.</a>
<script>
window.location.href = "https://cwops.telegraphy.de/";
</script>
<?
}
}
}
?>
<p>In order to track your standings for the various <a href="https://cwops.org/contact-us/awards/">CWops awards</a>, create a free account <em>or</em> if you already have an account, log in with the form below:</p>

11
login.php

@ -25,6 +25,11 @@ else {
return;
function logout () {
$redis = new Redis();
$redis->connect('127.0.0.1', 6379);
$redis->hset("cwops_sessions", $_SESSION['id'], "logout");
setcookie("cwops_id", "", 1);
setcookie("cwops_hash", "", 1);
session_destroy();
header("Location: https://cwops.telegraphy.de/");
return;
@ -136,6 +141,12 @@ function log_in_or_create ($call, $password, $recursive) {
$_SESSION['id'] = $user->id;
$_SESSION['callsign'] = $user->callsign;
$_SESSION['email'] = $user->email;
$redis = new Redis();
$redis->connect('127.0.0.1', 6379);
$token = sha1(random_bytes(64));
$redis->hset("cwops_sessions", $user->id, $token);
setcookie("cwops_hash", $token, time() + (60 * 60 * 24 * 365));
setcookie("cwops_id", $user->id, time() + (60 * 60 * 24 * 365));
echo "Login successful! Forwarding...";
error_log("successful login of ".$user->callsign);
return;

Loading…
Cancel
Save