From: Alan Knowles Date: Mon, 15 Oct 2018 05:33:34 +0000 (+0800) Subject: DataObjects/Core_person.php X-Git-Url: http://git.roojs.org/?p=Pman.Core;a=commitdiff_plain;h=19d7630238fda4aa1ac25408eb1727bcc43dd063 DataObjects/Core_person.php --- diff --git a/DataObjects/Core_person.php b/DataObjects/Core_person.php index de765b93..0e62884d 100644 --- a/DataObjects/Core_person.php +++ b/DataObjects/Core_person.php @@ -407,23 +407,15 @@ class Pman_Core_DataObjects_Core_person extends DB_DataObject //var_dump(array(get_class($this),$sesPrefix .'-auth')); if (self::$authUser) { - $a = self::$authUser; // are they still allowed to do stuff.. + + if (isset($_SESSION[get_class($this)][$sesPrefix .'-auth'])) { + $_SESSION[get_class($this)][$sesPrefix .'-auth-timeout'] = time() + (30*60); // eg. 30 minutes + setcookie('Pman.timeout', time() + (30*60), time() + (30*60), '/'); + } - $u = DB_DataObject::factory($this->tableName()); // allow extending this ... - $u->autoJoin(); - if ($u->get($a->id)) { /// && strlen($u->passwd)) { // should work out the pid .. really.. - if (isset($_SESSION[get_class($this)][$sesPrefix .'-auth'])) { - $_SESSION[get_class($this)][$sesPrefix .'-auth-timeout'] = time() + (30*60); // eg. 30 minutes - setcookie('Pman.timeout', time() + (30*60), time() + (30*60), '/'); - } - - $user = clone ($u); - return clone($user); + $user = clone (self::$authUser); + return clone($user); - } - unset($_SESSION[get_class($this)][$sesPrefix .'-auth']); - unset($_SESSION[get_class($this)][$sesPrefix .'-timeout']); - setcookie('Pman.timeout', -1, time() + (30*60), '/'); } @@ -503,6 +495,8 @@ class Pman_Core_DataObjects_Core_person extends DB_DataObject //var_dump(array(get_class($this),$sesPrefix .'-auth')); $_SESSION[get_class($this)][$sesPrefix .'-auth'] = serialize((object)$d); + + // ensure it's written so that ajax calls can fetch it..