From 382f8d060cad9da01ff7c24fc937b3f0d1b46990 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Michael=20G=C3=B6hler?= Date: Thu, 11 Oct 2012 14:11:30 +0200 Subject: [PATCH] fixed wrong variable usage --- lib/base.php | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/lib/base.php b/lib/base.php index 6105f52584..4007d241de 100644 --- a/lib/base.php +++ b/lib/base.php @@ -513,7 +513,7 @@ class OC{ protected static function cleanupLoginTokens($user) { $cutoff = time() - OC_Config::getValue('remember_login_cookie_lifetime', 60*60*24*15); - $tokens = OC_Preferences::getKeys($_COOKIE['oc_username'], 'login_token'); + $tokens = OC_Preferences::getKeys($user, 'login_token'); foreach($tokens as $token) { $time = OC_Preferences::getValue($user, 'login_token', $token); if ($time < $cutoff) { @@ -543,10 +543,10 @@ class OC{ // test cookies token against stored tokens if (in_array($_COOKIE['oc_token'], $tokens, true)) { // replace successfully used token with a new one - OC_Preferences::deleteKey($_POST['user'], 'login_token', $_COOKIE['oc_token']); - $token = md5($_POST["user"].OC_Util::generate_random_bytes(10).$_COOKIE['oc_token']); - OC_Preferences::setValue($_POST['user'], 'login_token', $token, time()); - OC_User::setMagicInCookie($_POST['user'], $token); + OC_Preferences::deleteKey($_COOKIE['oc_username'], 'login_token', $_COOKIE['oc_token']); + $token = md5($_COOKIE['oc_username'].OC_Util::generate_random_bytes(10).$_COOKIE['oc_token']); + OC_Preferences::setValue($_COOKIE['oc_username'], 'login_token', $token, time()); + OC_User::setMagicInCookie($_COOKIE['oc_username'], $token); // login OC_User::setUserId($_COOKIE['oc_username']); OC_Util::redirectToDefaultPage();