From eda37541b33a4fe73404b88278d9913ddc2e820e Mon Sep 17 00:00:00 2001 From: Phyks Date: Sun, 25 Aug 2013 22:36:46 +0200 Subject: [PATCH] Bug correction in login form --- TODO | 1 + index.php | 15 ++++++++------- 2 files changed, 9 insertions(+), 7 deletions(-) diff --git a/TODO b/TODO index dd16761..96026cf 100755 --- a/TODO +++ b/TODO @@ -3,6 +3,7 @@ * htmlspecialchars => on users objects * handle negative amounts * Refactor load method to avoir load_* methods ! +* Test remember_me install.php : ============= diff --git a/index.php b/index.php index 7104aab..e3d7c29 100644 --- a/index.php +++ b/index.php @@ -36,13 +36,6 @@ // Handle current user status if(session_id() == '') session_start(); - // If IP has changed, logout - if(user_ip() != $_SESSION['ip']) { - session_destroy(); - header('location: index.php?do=connect'); - exit(); - } - $current_user = new User(); if(isset($_SESSION['current_user'])) { $current_user->sessionRestore($_SESSION['current_user'], true); @@ -57,6 +50,13 @@ header('location: index.php?do=connect'); exit(); } + + // If IP has changed, logout + if($current_user !== false && user_ip() != $_SESSION['ip']) { + session_destroy(); + header('location: index.php?do=connect'); + exit(); + } // Initialize empty $_GET['do'] if required to avoid error if(empty($_GET['do'])) { @@ -102,6 +102,7 @@ } } } + $tpl->assign('connection', true); $tpl->assign('user_post', (!empty($_POST['login'])) ? htmlspecialchars($_POST['login']) : ''); $tpl->assign('token', generate_token('connection')); $tpl->draw('connection');