Don't kill the authentication cookie the first time we use it.

author Florent Bruneau <florent.bruneau@polytechnique.org>

Sun, 10 Aug 2008 19:33:59 +0000 (21:33 +0200)

committer Florent Bruneau <florent.bruneau@polytechnique.org>

Sun, 10 Aug 2008 19:33:59 +0000 (21:33 +0200)
author Florent Bruneau <florent.bruneau@polytechnique.org>
Sun, 10 Aug 2008 19:33:59 +0000 (21:33 +0200)
committer Florent Bruneau <florent.bruneau@polytechnique.org>
Sun, 10 Aug 2008 19:33:59 +0000 (21:33 +0200)
diff --git a/classes/xorgsession.php b/classes/xorgsession.php

index 48a2664..229df76 100644 (file)
--- a/classes/xorgsession.php
+++ b/classes/xorgsession.php
@@ -222,7 +222,8 @@ class XorgSession extends PlSession
          } else {
              $logger = S::logger($uid);
              setcookie('ORGuid', $uid, (time() + 25920000), '/', '', 0);
-            if (Post::v('remember', 'false') == 'true') {
+
+            if (S::i('auth_by_cookie') == S::i('uid') || Post::v('remember', 'false') == 'true') {
                  $cookie = hash_encrypt($sess['password']);
                  setcookie('ORGaccess', $cookie, (time() + 25920000), '/', '', 0);
                  if ($logger) {
author	Florent Bruneau <florent.bruneau@polytechnique.org>
	Sun, 10 Aug 2008 19:33:59 +0000 (21:33 +0200)
committer	Florent Bruneau <florent.bruneau@polytechnique.org>
	Sun, 10 Aug 2008 19:33:59 +0000 (21:33 +0200)