Electric Boogaloo 2: Logout update

flash 2015-04-17 22:51:53 +00:00
parent 61c4076786
commit 09cbba9ac6
6 changed files with 96 additions and 45 deletions


@ -38,7 +38,7 @@ class Session {
'skey' => $session, 'skey' => $session,
'started' => time(), 'started' => time(),
'expire' => time() + 604800, 'expire' => time() + 604800,
'remember' => $remember 'remember' => $remember ? '1' : '0'
]); ]);
// Return the session key // Return the session key
@ -86,7 +86,7 @@ class Session {
return false; return false;
// Run the query // Run the query
Database::delete('sessions', [($key ? 'skey' : 'id'), [$sessionId, '=']]); Database::delete('sessions', [($key ? 'skey' : 'id') => [$sessionId, '=']]);
// Return true if key was found and deleted // Return true if key was found and deleted
return true; return true;
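Review bot: In the second hunk the result of `Database::delete(...)` is discarded and the method then returns `true` unconditionally, so the comment "Return true if key was found and deleted" holds only if the check above the hunk guarantees the row exists and the delete cannot fail. Before this fix the condition was a flat list rather than a column-to-`[value, operator]` map, so the delete presumably never matched while callers still saw success. If `Database::delete` reports an outcome, return that instead of a literal `true`; either way a short comment on the expected shape, `// condition format: [column => [value, operator]]`, would help prevent the same mistake. The method body starts and ends outside the hunk.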


@ -126,7 +126,7 @@ class Users {
return false; return false;
// Remove the active session from the database // Remove the active session from the database
if(!Session::deleteSession($id, true)) if(!Session::deleteSession(Session::$sessionId, true))
return false; return false;
// Set cookies // Set cookies
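Review bot: `Session::deleteSession(Session::$sessionId, true)` passes `true` as the second argument, which in the Session hunk of this commit selects the `skey` column, so the call only removes the right row if `Session::$sessionId` actually holds the session key rather than a row id or PHP's `session_id()`. The property name suggests an id, and the authenticate handler in this same commit compares the request against `session_id()`, so the identifiers are easy to confuse. After confirming which value it holds, a comment such as `// Session::$sessionId is the skey value, hence $key = true` or a rename of the property would make this call verifiable. The method continues outside the hunk.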


@ -54,7 +54,7 @@ $renderData = array(
'version' => SAKURA_VERSION, 'version' => SAKURA_VERSION,
'urls' => Configuration::getLocalConfig('urls'), 'urls' => Configuration::getLocalConfig('urls'),
'charset' => Configuration::getConfig('charset'), 'charset' => Configuration::getConfig('charset'),
'currentpage' => $_SERVER['PHP_SELF'], 'currentpage' => '//'. $_SERVER['SERVER_NAME'] . $_SERVER['PHP_SELF'],
'recaptcha_public' => Configuration::getConfig('recaptcha_public'), 'recaptcha_public' => Configuration::getConfig('recaptcha_public'),
'resources' => '//'. Configuration::getLocalConfig('urls')['content'] .'/data/'. strtolower(Templates::$_TPL) 'resources' => '//'. Configuration::getLocalConfig('urls')['content'] .'/data/'. strtolower(Templates::$_TPL)
], ],
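Review bot: `'currentpage'` is now built from `$_SERVER['SERVER_NAME']` and `$_SERVER['PHP_SELF']`, and both can be influenced by the request: `PHP_SELF` includes any trailing path info, and `SERVER_NAME` can follow the Host header depending on server configuration. The template change in this commit places this value in the logout link's `redirect` parameter, so it should be assembled from trusted data, for example `'//' . Configuration::getLocalConfig('urls')['main'] . $_SERVER['SCRIPT_NAME']` (assuming `urls.main` is the site host, as the template's use of `sakura.urls.main` suggests). The array literal begins and ends outside the hunk.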


@ -55,8 +55,12 @@
</div> </div>
<div class="menu-ucp" id="navMenuUser"> <div class="menu-ucp" id="navMenuUser">
<!-- User menu, displayed on right side of the bar. --> <!-- User menu, displayed on right side of the bar. -->
<a class="menu-item" id="headerLoginLink" href="http://{{ sakura.urls.main }}/login" title="Login to Flashii">Login</a> {% if user.checklogin %}
<a class="menu-item" href="http://{{ sakura.urls.main }}/register" title="Create an account">Register</a> <a class="menu-item" href="http://{{ sakura.urls.main }}/logout?mode=logout&time={{ php.time }}&session={{ php.sessionid }}&redirect={{ sakura.currentpage }}" title="End your login session">Logout</a>
{% else %}
<a class="menu-item" id="headerLoginLink" href="http://{{ sakura.urls.main }}/login" title="Login to Flashii">Login</a>
<a class="menu-item" href="http://{{ sakura.urls.main }}/register" title="Create an account">Register</a>
{% endif %}
</div> </div>
<div class="menu-mob"> <div class="menu-mob">
<a class="menu-item" id="mobileNavToggle" href="javascript:;" onclick="mobileMenu(true);">Open Menu</a> <a class="menu-item" id="mobileNavToggle" href="javascript:;" onclick="mobileMenu(true);">Open Menu</a>
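Review bot: The new logout link carries the session identifier in the query string (`&session={{ php.sessionid }}`) of a plain `http://` URL, where it ends up in browser history, server and proxy logs and Referer headers, even though the handler in this commit treats that same value as proof that the request is genuine. Logging out is a state change, so a small POST form carrying a separate per-session anti-forgery token, submitted over HTTPS or a scheme-relative URL, is the safer shape. If the link stays, the redirect value needs URL-encoding, `redirect={{ sakura.currentpage|url_encode }}`, and the separators should be written `&amp;` inside the attribute.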


@ -17,7 +17,7 @@ Options +FollowSymLinks -Indexes
RewriteRule ^feedback?/?$ http://forum.flash.moe/viewforum.php?f=22 RewriteRule ^feedback?/?$ http://forum.flash.moe/viewforum.php?f=22
RewriteRule ^credits?/?$ credits.php RewriteRule ^credits?/?$ credits.php
RewriteRule ^index?/?$ index.php RewriteRule ^index?/?$ index.php
RewriteRule ^login?/?$|register?/?$|forgotpassword?/?|authenticate?/?$ authenticate.php RewriteRule ^login?/?$|logout?/?$|register?/?$|forgotpassword?/?|authenticate?/?$ authenticate.php
RewriteRule ^donate?/?$ donate.php RewriteRule ^donate?/?$ donate.php
RewriteRule ^contact?/?$ contact.php RewriteRule ^contact?/?$ contact.php
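Review bot: Only the first alternative in the pattern is anchored at the start: `^` binds to `login?/?$` alone, so the added `logout?/?$` (like `register?/?$`) matches any path that merely ends in that word, and `forgotpassword?/?` is anchored at neither end. The `?` after each word also makes its last letter optional, so `logou` matches too. Grouping the names fixes both: `RewriteRule ^(login|logout|register|forgotpassword|authenticate)/?$ authenticate.php`.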


@ -16,56 +16,103 @@ if(
isset($_REQUEST['session']) isset($_REQUEST['session'])
) { ) {
switch($_REQUEST['mode']) { // Continue
$continue = true;
// Login processing // Compare time and session so we know the link isn't forged
case 'login': if($_REQUEST['time'] < time() - 1000) {
// Attempt login $renderData['page'] = [
$login = Users::login($_REQUEST['username'], $_REQUEST['password'], isset($_REQUEST['remember'])); 'title' => 'Action failed',
'redirect' => '/authenticate',
'message' => 'Timestamps differ too much, please try again.'
];
// Array containing "human understandable" messages // Prevent
$messages = [ $continue = false;
'USER_NOT_EXIST' => 'The user you tried to log into does not exist.',
'INCORRECT_PASSWORD' => 'The password you entered was invalid.',
'DEACTIVATED' => 'Your account is deactivated.',
'LEGACY_SUCCESS' => 'Login successful! Taking you to the password changing page...',
'LOGIN_SUCESS' => 'Login successful!'
];
// Add page specific things }
$renderData['page'] = [
'title' => 'Login',
'redirect' => ($login[0] ? $_REQUEST['redirect'] : '/authenticate'),
'message' => $messages[$login[1]]
];
break; // Match session ids for the same reason
if($_REQUEST['session'] != session_id()) {
// Registration processing $renderData['page'] = [
case 'register': 'title' => 'Action failed',
'redirect' => '/authenticate',
'message' => 'Session IDs do not match.'
];
// Add page specific things // Prevent
$renderData['page'] = [ $continue = false;
'title' => 'Register on Flashii',
'redirect' => $_SERVER['PHP_SELF'],
'message' => 'what'
];
break; }
// Unforgetting passwords if($continue) {
case 'forgotpassword': switch($_REQUEST['mode']) {
// Add page specific things case 'logout':
$renderData['page'] = [
'title' => 'Forgot Password',
'redirect' => $_SERVER['PHP_SELF'],
'message' => 'what'
];
break; // Attempt logout
$logout = Users::logout();
// Add page specific data
$renderData['page'] = [
'title' => 'Logout',
'redirect' => ($logout ? $_REQUEST['redirect'] : '/authenticate'),
'message' => $logout ? 'You are now logged out.' : 'Logout failed.'
];
break;
// Login processing
case 'login':
// Attempt login
$login = Users::login($_REQUEST['username'], $_REQUEST['password'], isset($_REQUEST['remember']));
// Array containing "human understandable" messages
$messages = [
'USER_NOT_EXIST' => 'The user you tried to log into does not exist.',
'INCORRECT_PASSWORD' => 'The password you entered was invalid.',
'DEACTIVATED' => 'Your account is deactivated.',
'LEGACY_SUCCESS' => 'Login successful! Taking you to the password changing page...',
'LOGIN_SUCESS' => 'Login successful!'
];
// Add page specific things
$renderData['page'] = [
'title' => 'Login',
'redirect' => ($login[0] ? $_REQUEST['redirect'] : '/authenticate'),
'message' => $messages[$login[1]]
];
break;
// Registration processing
case 'register':
// Add page specific things
$renderData['page'] = [
'title' => 'Register on Flashii',
'redirect' => $_SERVER['PHP_SELF'],
'message' => 'what'
];
break;
// Unforgetting passwords
case 'forgotpassword':
// Add page specific things
$renderData['page'] = [
'title' => 'Forgot Password',
'redirect' => $_SERVER['PHP_SELF'],
'message' => 'what'
];
break;
}
} }
// Print page contents or if the AJAX request is set only display the render data // Print page contents or if the AJAX request is set only display the render data
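Review bot: The two checks added before the `switch` do not establish that the link is genuine: `time` comes from the request and only has a lower bound (`$_REQUEST['time'] < time() - 1000`), so the caller chooses a value that passes, and the session comparison uses loose `!=` on a request value. Compare with `if(!is_string($_REQUEST['session']) || !hash_equals(session_id(), $_REQUEST['session']))`, and prefer a dedicated per-session token over the session ID itself so that the ID never has to appear in a URL. The new `logout` case also passes `$_REQUEST['redirect']` straight into `'redirect'`, as the existing `login` case does; restricting it to a local path or to the configured site host would keep the page from forwarding to an arbitrary address. The enclosing `if(` starts above the hunk.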