From c911c860f5d0769f835b28821efba11917b9f592 Mon Sep 17 00:00:00 2001
From: Alan Knowles <alan@roojs.com>
Date: Mon, 15 Oct 2018 13:27:42 +0800
Subject: [PATCH] DataObjects/Core_person.php

---
 DataObjects/Core_person.php | 24 +++++++++++++++++++++---
 1 file changed, 21 insertions(+), 3 deletions(-)

diff --git a/DataObjects/Core_person.php b/DataObjects/Core_person.php
index 419fc9c0..471a180c 100644
--- a/DataObjects/Core_person.php
+++ b/DataObjects/Core_person.php
@@ -256,6 +256,27 @@ class Pman_Core_DataObjects_Core_person extends DB_DataObject
        
         $sesPrefix = $this->sesPrefix();
         
+        if (self::$authUser) {
+            return self::$authUser;
+        }
+        
+        
+        if (!empty($_SESSION[get_class($this)][$sesPrefix .'-auth'])) {
+            // in session...
+            $a = unserialize($_SESSION[get_class($this)][$sesPrefix .'-auth']);
+            $u = DB_DataObject::factory($this->tableName());
+            if ($a->id && $u->get($a->id)) { //&& strlen($u->passwd)) {
+                if ($u->verifyAuth()) {
+                    self::$authUser = $u;
+                    return true;
+                }
+            }
+            unset($_SESSION[get_class($this)][$sesPrefix .'-auth']);
+            unset($_SESSION[get_class($this)][$sesPrefix .'-timeout']);
+            setcookie('Pman.timeout', -1, time() + (30*60), '/');
+            return false;
+        
+        
         if (!empty($_SESSION[get_class($this)][$sesPrefix .'-auth'])) {
             // in session...
             $a = unserialize($_SESSION[get_class($this)][$sesPrefix .'-auth']);
@@ -268,9 +289,6 @@ class Pman_Core_DataObjects_Core_person extends DB_DataObject
     
             }
             
-            unset($_SESSION[get_class($this)][$sesPrefix .'-auth']);
-            unset($_SESSION[get_class($this)][$sesPrefix .'-timeout']);
-            setcookie('Pman.timeout', -1, time() + (30*60), '/');
             
         }
         
-- 
2.39.2