From 044cff2d74ece46256201695346d1a0d1d66c746 Mon Sep 17 00:00:00 2001 From: Andrew Dolgov Date: Sat, 13 Apr 2013 18:24:27 +0400 Subject: implement basic feed authentication parameter encryption in the database (FEED_CRYPT_KEY) --- config.php-dist | 7 +++++++ 1 file changed, 7 insertions(+) (limited to 'config.php-dist') diff --git a/config.php-dist b/config.php-dist index eb3339742..fc999354b 100644 --- a/config.php-dist +++ b/config.php-dist @@ -24,6 +24,13 @@ // You need to set this option correctly otherwise several features // including PUSH, bookmarklets and browser integration will not work properly. + define('FEED_CRYPT_KEY', ''); + // Key used for encryption of login/passwords for password-protected feeds + // in the database. A string of 24 random characters. If left blank, encryption + // is not used. Requires mcrypt functions. + // Warning: changing this key will make your stored feed passwords impossible + // to decrypt. + define('SINGLE_USER_MODE', false); // Operate in single user mode, disables all functionality related to // multiple users and authentication. Enabling this assumes you have -- cgit v1.2.3-54-g00ecf From b9863a153c4a9295c3ddd214c1c1d21aa4807221 Mon Sep 17 00:00:00 2001 From: Andrew Dolgov Date: Tue, 16 Apr 2013 16:40:04 +0400 Subject: unify SMTP_HOST and SMTP_PORT as SMTP_SERVER --- classes/ttrssmailer.php | 19 +++++++++++-------- config.php-dist | 8 +++----- include/sanity_config.php | 4 ++-- 3 files changed, 16 insertions(+), 15 deletions(-) (limited to 'config.php-dist') diff --git a/classes/ttrssmailer.php b/classes/ttrssmailer.php index 1eb9f1d3a..1f365c22e 100644 --- a/classes/ttrssmailer.php +++ b/classes/ttrssmailer.php @@ -25,17 +25,20 @@ class ttrssMailer extends PHPMailer { function __construct() { $this->SetLanguage("en", "lib/phpmailer/language/"); - //if SMTP_HOST is specified, use SMTP to send mail directly + if (SMTP_HOST) { - $Host = SMTP_HOST; + $pair = explode(":", SMTP_HOST, 2); $Mailer = "smtp"; + + $Host = $pair[0]; + $Port = $pair[1]; + + if (!$Port) $Port = 25; + } else { + $Host = ''; + $Port = ''; } - //if SMTP_PORT is specified, assign it. Otherwise default to port 25 - if(SMTP_PORT){ - $Port = SMTP_PORT; - }else{ - $Port = "25"; - } + //if SMTP_LOGIN is specified, set credentials and enable auth if(SMTP_LOGIN){ diff --git a/config.php-dist b/config.php-dist index fc999354b..5366120af 100644 --- a/config.php-dist +++ b/config.php-dist @@ -160,12 +160,10 @@ define('DIGEST_SUBJECT', '[tt-rss] New headlines for last 24 hours'); // Subject line for email digests - define('SMTP_HOST', ''); - // SMTP Host to send outgoing mail. Blank - use system MTA. + define('SMTP_SERVER', ''); + // Hostname:port combination to send outgoing mail (i.e. localhost:25). + // Blank - use system MTA. - define('SMTP_PORT',''); - // SMTP port to sent outgoing mail. Default is 25. - define('SMTP_LOGIN', ''); define('SMTP_PASSWORD', ''); // These two options enable SMTP authentication when sending diff --git a/include/sanity_config.php b/include/sanity_config.php index 0c829981e..255b404d6 100644 --- a/include/sanity_config.php +++ b/include/sanity_config.php @@ -1,3 +1,3 @@ - +$requred_defines = array( 'DB_TYPE', 'DB_HOST', 'DB_USER', 'DB_NAME', 'DB_PASS', 'MYSQL_CHARSET', 'SELF_URL_PATH', 'FEED_CRYPT_KEY', 'SINGLE_USER_MODE', 'SIMPLE_UPDATE_MODE', 'PHP_EXECUTABLE', 'LOCK_DIRECTORY', 'CACHE_DIR', 'ICONS_DIR', 'ICONS_URL', 'AUTH_AUTO_CREATE', 'AUTH_AUTO_LOGIN', 'FORCE_ARTICLE_PURGE', 'PUBSUBHUBBUB_HUB', 'PUBSUBHUBBUB_ENABLED', 'SPHINX_ENABLED', 'SPHINX_INDEX', 'ENABLE_REGISTRATION', 'REG_NOTIFY_ADDRESS', 'REG_MAX_USERS', 'SESSION_COOKIE_LIFETIME', 'SESSION_CHECK_ADDRESS', 'SMTP_FROM_NAME', 'SMTP_FROM_ADDRESS', 'DIGEST_SUBJECT', 'SMTP_SERVER', 'SMTP_LOGIN', 'SMTP_PASSWORD', 'CHECK_FOR_NEW_VERSION', 'ENABLE_GZIP_OUTPUT', 'PLUGINS', 'CONFIG_VERSION'); ?> -- cgit v1.2.3-54-g00ecf From 52803a0bfd315e375221c446f597f64ecbfb2aae Mon Sep 17 00:00:00 2001 From: Andrew Dolgov Date: Tue, 16 Apr 2013 16:41:32 +0400 Subject: add SPHINX_SERVER --- config.php-dist | 3 +++ include/functions.php | 4 +++- include/sanity_config.php | 4 ++-- 3 files changed, 8 insertions(+), 3 deletions(-) (limited to 'config.php-dist') diff --git a/config.php-dist b/config.php-dist index 5366120af..9dd46e295 100644 --- a/config.php-dist +++ b/config.php-dist @@ -108,6 +108,9 @@ // Enable fulltext search using Sphinx (http://www.sphinxsearch.com) // Please see http://tt-rss.org/wiki/SphinxSearch for more information. + define('SPHINX_SERVER', 'localhost:9312'); + // Hostname:port combination for the Sphinx server. + define('SPHINX_INDEX', 'ttrss'); // Index name in Sphinx configuration. You can specify multiple indexes // as a comma-separated string. diff --git a/include/functions.php b/include/functions.php index 87eb3d6a9..659950be0 100644 --- a/include/functions.php +++ b/include/functions.php @@ -3824,7 +3824,9 @@ $sphinxClient = new SphinxClient(); - $sphinxClient->SetServer('localhost', 9312); + $sphinxpair = explode(":", SPHINX_SERVER, 2); + + $sphinxClient->SetServer($sphinxpair[0], $sphinxpair[1]); $sphinxClient->SetConnectTimeout(1); $sphinxClient->SetFieldWeights(array('title' => 70, 'content' => 30, diff --git a/include/sanity_config.php b/include/sanity_config.php index 255b404d6..398c979fe 100644 --- a/include/sanity_config.php +++ b/include/sanity_config.php @@ -1,3 +1,3 @@ - +$requred_defines = array( 'DB_TYPE', 'DB_HOST', 'DB_USER', 'DB_NAME', 'DB_PASS', 'MYSQL_CHARSET', 'SELF_URL_PATH', 'FEED_CRYPT_KEY', 'SINGLE_USER_MODE', 'SIMPLE_UPDATE_MODE', 'PHP_EXECUTABLE', 'LOCK_DIRECTORY', 'CACHE_DIR', 'ICONS_DIR', 'ICONS_URL', 'AUTH_AUTO_CREATE', 'AUTH_AUTO_LOGIN', 'FORCE_ARTICLE_PURGE', 'PUBSUBHUBBUB_HUB', 'PUBSUBHUBBUB_ENABLED', 'SPHINX_ENABLED', 'SPHINX_SERVER', 'SPHINX_INDEX', 'ENABLE_REGISTRATION', 'REG_NOTIFY_ADDRESS', 'REG_MAX_USERS', 'SESSION_COOKIE_LIFETIME', 'SESSION_CHECK_ADDRESS', 'SMTP_FROM_NAME', 'SMTP_FROM_ADDRESS', 'DIGEST_SUBJECT', 'SMTP_SERVER', 'SMTP_LOGIN', 'SMTP_PASSWORD', 'CHECK_FOR_NEW_VERSION', 'ENABLE_GZIP_OUTPUT', 'PLUGINS', 'CONFIG_VERSION'); ?> -- cgit v1.2.3-54-g00ecf From 90df27a4c12d3be57744d0bb4cde048ff3174591 Mon Sep 17 00:00:00 2001 From: Andrew Dolgov Date: Tue, 16 Apr 2013 16:43:15 +0400 Subject: ttrssMailer: fix typo --- classes/ttrssmailer.php | 4 ++-- config.php-dist | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) (limited to 'config.php-dist') diff --git a/classes/ttrssmailer.php b/classes/ttrssmailer.php index 1f365c22e..54d180620 100644 --- a/classes/ttrssmailer.php +++ b/classes/ttrssmailer.php @@ -26,8 +26,8 @@ class ttrssMailer extends PHPMailer { function __construct() { $this->SetLanguage("en", "lib/phpmailer/language/"); - if (SMTP_HOST) { - $pair = explode(":", SMTP_HOST, 2); + if (SMTP_SERVER) { + $pair = explode(":", SMTP_SERVER, 2); $Mailer = "smtp"; $Host = $pair[0]; diff --git a/config.php-dist b/config.php-dist index 9dd46e295..48bd59870 100644 --- a/config.php-dist +++ b/config.php-dist @@ -170,7 +170,7 @@ define('SMTP_LOGIN', ''); define('SMTP_PASSWORD', ''); // These two options enable SMTP authentication when sending - // outgoing mail. Only used with SMTP_HOST + // outgoing mail. Only used with SMTP_SERVER. // *************************************** // *** Other settings (less important) *** -- cgit v1.2.3-54-g00ecf From 5d28014ee3e99830c299a9444362df3051e7ac00 Mon Sep 17 00:00:00 2001 From: Jeffrey Tolar Date: Wed, 17 Apr 2013 00:23:12 -0500 Subject: Fix indentation issues (spaces => tabs) --- config.php-dist | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'config.php-dist') diff --git a/config.php-dist b/config.php-dist index 48bd59870..b751f6228 100644 --- a/config.php-dist +++ b/config.php-dist @@ -25,8 +25,8 @@ // including PUSH, bookmarklets and browser integration will not work properly. define('FEED_CRYPT_KEY', ''); - // Key used for encryption of login/passwords for password-protected feeds - // in the database. A string of 24 random characters. If left blank, encryption + // Key used for encryption of login/passwords for password-protected feeds + // in the database. A string of 24 random characters. If left blank, encryption // is not used. Requires mcrypt functions. // Warning: changing this key will make your stored feed passwords impossible // to decrypt. -- cgit v1.2.3-54-g00ecf From 524d03a03e46c9d0914432192a22d7f339b077ac Mon Sep 17 00:00:00 2001 From: Andrew Dolgov Date: Wed, 17 Apr 2013 09:30:11 +0400 Subject: config: remove mention of encrypted logins --- config.php-dist | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'config.php-dist') diff --git a/config.php-dist b/config.php-dist index b751f6228..4df299786 100644 --- a/config.php-dist +++ b/config.php-dist @@ -25,7 +25,7 @@ // including PUSH, bookmarklets and browser integration will not work properly. define('FEED_CRYPT_KEY', ''); - // Key used for encryption of login/passwords for password-protected feeds + // Key used for encryption of passwords for password-protected feeds // in the database. A string of 24 random characters. If left blank, encryption // is not used. Requires mcrypt functions. // Warning: changing this key will make your stored feed passwords impossible -- cgit v1.2.3-54-g00ecf From bbffc43e4f4c04e5efeb0edcc9851742c2223b1d Mon Sep 17 00:00:00 2001 From: Andrew Dolgov Date: Thu, 18 Apr 2013 16:06:03 +0400 Subject: actually check for DB_PORT in installer, add better hints and use mysqli if available --- config.php-dist | 2 +- install/index.php | 36 ++++++++++++++++++++++++------------ utility.css | 5 +++++ 3 files changed, 30 insertions(+), 13 deletions(-) (limited to 'config.php-dist') diff --git a/config.php-dist b/config.php-dist index 4df299786..7cb9d9397 100644 --- a/config.php-dist +++ b/config.php-dist @@ -8,7 +8,7 @@ define('DB_USER', "fox"); define('DB_NAME', "fox"); define('DB_PASS', "XXXXXX"); - //define('DB_PORT', '5432'); // when neeeded, PG-only + define('DB_PORT', ''); // usually 5432 for PostgreSQL, 3306 for MySQL define('MYSQL_CHARSET', 'UTF8'); // Connection charset for MySQL. If you have a legacy database and/or experience diff --git a/install/index.php b/install/index.php index 99339aca2..9cbab20f1 100644 --- a/install/index.php +++ b/install/index.php @@ -88,7 +88,7 @@ $msg"; } - function db_connect($host, $user, $pass, $db, $type) { + function db_connect($host, $user, $pass, $db, $type, $port) { if ($type == "pgsql") { $string = "dbname=$db user=$user"; @@ -101,8 +101,8 @@ $string .= " host=$host"; } - if (defined('DB_PORT')) { - $string = "$string port=" . DB_PORT; + if ($port) { + $string = "$string port=" . $port; } $link = pg_connect($string); @@ -110,10 +110,15 @@ return $link; } else if ($type == "mysql") { - $link = mysql_connect($host, $user, $pass); - if ($link) { - $result = mysql_select_db($db, $link); - if ($result) return $link; + if (function_exists("mysqli_connect")) { + return mysqli_connect($host, $user, $pass, $db, $port); + + } else { + $link = mysql_connect($host, $user, $pass); + if ($link) { + $result = mysql_select_db($db, $link); + if ($result) return $link; + } } } } @@ -173,7 +178,12 @@ } return $result; } else if ($type == "mysql") { - $result = mysql_query($query, $link); + + if (function_exists("mysqli_connect")) { + $result = mysqli_query($link, $query); + } else { + $result = mysql_query($query, $link); + } if (!$result) { $query = htmlspecialchars($query); if ($die_on_error) { @@ -254,17 +264,19 @@
- +
- + + If needed
- + + Usually 3306 for MySQL or 5432 for PostgreSQL

Other settings

@@ -327,7 +339,7 @@

Checking database

Date: Fri, 19 Apr 2013 09:45:43 +0400 Subject: make logging configurable; add logging to syslog --- classes/logger.php | 39 ++++++++++++++++++++++-- classes/logger/sql.php | 3 -- classes/logger/syslog.php | 31 ++++++++++++++++++++ classes/pref/system.php | 75 ++++++++++++++++++++++++++--------------------- config.php-dist | 6 ++++ include/errorhandler.php | 21 ++----------- include/sanity_config.php | 4 +-- 7 files changed, 119 insertions(+), 60 deletions(-) create mode 100644 classes/logger/syslog.php (limited to 'config.php-dist') diff --git a/classes/logger.php b/classes/logger.php index 3c501eb92..4a9c1df82 100644 --- a/classes/logger.php +++ b/classes/logger.php @@ -1,5 +1,7 @@ 'E_ERROR', @@ -20,11 +22,44 @@ class Logger { 32767 => 'E_ALL'); function log_error($errno, $errstr, $file, $line, $context) { - return false; + if ($errno == E_NOTICE) return false; + + if ($this->adapter) + return $this->adapter->log_error($errno, $errstr, $file, $line, $context); + else + return false; } function log($string) { - return false; + if ($this->adapter) + return $this->adapter->log($string); + else + return false; + } + + private function __clone() { + // + } + + function __construct() { + switch (LOG_DESTINATION) { + case "sql": + $this->adapter = new Logger_SQL(); + break; + case "syslog": + $this->adapter = new Logger_Syslog(); + break; + default: + $this->adapter = false; + } } + + public static function get() { + if (self::$instance == null) + self::$instance = new self(); + + return self::$instance; + } + } ?> diff --git a/classes/logger/sql.php b/classes/logger/sql.php index 50e5de9a6..c0f8b4598 100644 --- a/classes/logger/sql.php +++ b/classes/logger/sql.php @@ -2,9 +2,6 @@ class Logger_SQL { function log_error($errno, $errstr, $file, $line, $context) { - - if ($errno == E_NOTICE) return false; - if (Db::get() && get_schema_version() > 117) { $errno = Db::get()->escape_string($errno); diff --git a/classes/logger/syslog.php b/classes/logger/syslog.php new file mode 100644 index 000000000..b8b5260a0 --- /dev/null +++ b/classes/logger/syslog.php @@ -0,0 +1,31 @@ + diff --git a/classes/pref/system.php b/classes/pref/system.php index 725c337dc..d2b6cd746 100644 --- a/classes/pref/system.php +++ b/classes/pref/system.php @@ -24,46 +24,53 @@ class Pref_System extends Handler_Protected { print "
"; print "
"; - $result = $this->dbh->query("SELECT errno, errstr, filename, lineno, - created_at, login FROM ttrss_error_log - LEFT JOIN ttrss_users ON (owner_uid = ttrss_users.id) - ORDER BY ttrss_error_log.id DESC - LIMIT 100"); - - print " "; - - print "

"; - - print " - - - - - - "; - - while ($line = $this->dbh->fetch_assoc($result)) { - print ""; - - foreach ($line as $k => $v) { - $line[$k] = htmlspecialchars($v); + if (LOG_DESTINATION == "sql") { + + $result = $this->dbh->query("SELECT errno, errstr, filename, lineno, + created_at, login FROM ttrss_error_log + LEFT JOIN ttrss_users ON (owner_uid = ttrss_users.id) + ORDER BY ttrss_error_log.id DESC + LIMIT 100"); + + print " "; + + print "

".__("Error")."".__("Filename")."".__("Message")."".__("User")."".__("Date")."
"; + + print " + + + + + + "; + + while ($line = $this->dbh->fetch_assoc($result)) { + print ""; + + foreach ($line as $k => $v) { + $line[$k] = htmlspecialchars($v); + } + + print ""; + print ""; + print ""; + print ""; + + print ""; + + print ""; } - print ""; - print ""; - print ""; - print ""; + print "
".__("Error")."".__("Filename")."".__("Message")."".__("User")."".__("Date")."
" . Logger::$errornames[$line["errno"]] . " (" . $line["errno"] . ")" . $line["filename"] . ":" . $line["lineno"] . "" . $line["errstr"] . "" . + make_local_datetime( + $line["created_at"], false) . "
" . Logger::$errornames[$line["errno"]] . " (" . $line["errno"] . ")" . $line["filename"] . ":" . $line["lineno"] . "" . $line["errstr"] . "
"; + } else { - print "" . - make_local_datetime( - $line["created_at"], false) . ""; + print_notice("Please set LOG_DESTINATION to 'sql' in config.php to enable database logging."); - print ""; } - print ""; - print "

"; PluginHost::getInstance()->run_hooks(PluginHost::HOOK_PREFS_TAB, diff --git a/config.php-dist b/config.php-dist index 7cb9d9397..1c356a9ae 100644 --- a/config.php-dist +++ b/config.php-dist @@ -192,6 +192,12 @@ // authentication plugin here (auth_*). // Users may enable other user plugins from Preferences/Plugins but may not // disable plugins specified in this list. + + define('LOG_DESTINATION', 'sql'); + // Log destination to use. Possible values: sql (uses internal logging + // you can read in Preferences -> System), syslog - logs to system log. + // Setting this to blank uses PHP logging (usually to http server + // error.log). define('CONFIG_VERSION', 26); // Expected config version. Please update this option in config.php diff --git a/include/errorhandler.php b/include/errorhandler.php index 2c8d35f83..9acef2357 100644 --- a/include/errorhandler.php +++ b/include/errorhandler.php @@ -1,22 +1,12 @@ log_error($errno, $errstr, $file, $line, $context); - } - - return false; + return Logger::get()->log_error($errno, $errstr, $file, $line, $context); } function ttrss_fatal_handler() { @@ -36,14 +26,7 @@ function ttrss_fatal_handler() { $file = substr(str_replace(dirname(dirname(__FILE__)), "", $file), 1); - if (!$logger) $logger = new Logger_SQL(); - - if ($logger) { - if ($logger->log_error($errno, $errstr, $file, $line, $context)) { - return true; - } - } - return false; + return Logger::get()->log_error($errno, $errstr, $file, $line, $context); } return false; diff --git a/include/sanity_config.php b/include/sanity_config.php index d5cfd2d78..7d8afe102 100644 --- a/include/sanity_config.php +++ b/include/sanity_config.php @@ -1,3 +1,3 @@ - +$requred_defines = array( 'DB_TYPE', 'DB_HOST', 'DB_USER', 'DB_NAME', 'DB_PASS', 'MYSQL_CHARSET', 'SELF_URL_PATH', 'FEED_CRYPT_KEY', 'SINGLE_USER_MODE', 'SIMPLE_UPDATE_MODE', 'PHP_EXECUTABLE', 'LOCK_DIRECTORY', 'CACHE_DIR', 'ICONS_DIR', 'ICONS_URL', 'AUTH_AUTO_CREATE', 'AUTH_AUTO_LOGIN', 'FORCE_ARTICLE_PURGE', 'PUBSUBHUBBUB_HUB', 'PUBSUBHUBBUB_ENABLED', 'SPHINX_ENABLED', 'SPHINX_SERVER', 'SPHINX_INDEX', 'ENABLE_REGISTRATION', 'REG_NOTIFY_ADDRESS', 'REG_MAX_USERS', 'SESSION_COOKIE_LIFETIME', 'SESSION_CHECK_ADDRESS', 'SMTP_FROM_NAME', 'SMTP_FROM_ADDRESS', 'DIGEST_SUBJECT', 'SMTP_SERVER', 'SMTP_LOGIN', 'SMTP_PASSWORD', 'CHECK_FOR_NEW_VERSION', 'ENABLE_GZIP_OUTPUT', 'PLUGINS', 'LOG_DESTINATION', 'CONFIG_VERSION'); ?> -- cgit v1.2.3-54-g00ecf From 3921f5081bcb37df4bdf951ebb5fe2a14a88791f Mon Sep 17 00:00:00 2001 From: Andrew Dolgov Date: Tue, 23 Apr 2013 22:19:09 +0400 Subject: only show reset password link when auth_internal is enabled (refs #681) --- config.php-dist | 2 ++ include/login_form.php | 4 ++++ 2 files changed, 6 insertions(+) (limited to 'config.php-dist') diff --git a/config.php-dist b/config.php-dist index 1c356a9ae..72b6fd1b8 100644 --- a/config.php-dist +++ b/config.php-dist @@ -192,6 +192,8 @@ // authentication plugin here (auth_*). // Users may enable other user plugins from Preferences/Plugins but may not // disable plugins specified in this list. + // Disabling auth_internal in this list would automatically disable + // reset password link on the login form. define('LOG_DESTINATION', 'sql'); // Log destination to use. Possible values: sql (uses internal logging diff --git a/include/login_form.php b/include/login_form.php index 7ac7111c8..4745027f9 100644 --- a/include/login_form.php +++ b/include/login_form.php @@ -188,6 +188,8 @@ function bwLimitChange(elem) { value="" />
+ +
+ +
Date: Mon, 29 Apr 2013 13:03:28 +0400 Subject: do not use session cookie lifetime for additional cookies --- classes/pref/prefs.php | 2 +- classes/rpc.php | 2 +- config.php-dist | 4 ---- include/functions.php | 6 ++++-- 4 files changed, 6 insertions(+), 8 deletions(-) (limited to 'config.php-dist') diff --git a/classes/pref/prefs.php b/classes/pref/prefs.php index 47f47ae68..35065ea7b 100644 --- a/classes/pref/prefs.php +++ b/classes/pref/prefs.php @@ -114,7 +114,7 @@ class Pref_Prefs extends Handler_Protected { if ($pref_name == "language") { if ($_SESSION["language"] != $value) { setcookie("ttrss_lang", $value, - time() + SESSION_COOKIE_LIFETIME); + time() + COOKIE_LIFETIME_LONG); $_SESSION["language"] = $value; $need_reload = true; diff --git a/classes/rpc.php b/classes/rpc.php index 62d884673..2b07bbf91 100644 --- a/classes/rpc.php +++ b/classes/rpc.php @@ -479,7 +479,7 @@ class RPC extends Handler_Protected { $wide = (int) $_REQUEST["wide"]; setcookie("ttrss_widescreen", $wide, - time() + SESSION_COOKIE_LIFETIME); + time() + COOKIE_LIFETIME_LONG); print json_encode(array("wide" => $wide)); } diff --git a/config.php-dist b/config.php-dist index 72b6fd1b8..58218bab1 100644 --- a/config.php-dist +++ b/config.php-dist @@ -139,10 +139,6 @@ define('SESSION_COOKIE_LIFETIME', 86400); // Default lifetime of a session (e.g. login) cookie. In seconds, // 0 means cookie will be deleted when browser closes. - // Setting this to zero will affect several user preferences - // like widescreen mode not saving and disable "remember me". - // Note that if remember me is not checked, session cookie - // will always expire with browser session. define('SESSION_CHECK_ADDRESS', 1); // Check client IP address when validating session: diff --git a/include/functions.php b/include/functions.php index 5da657f2d..38c3eac32 100644 --- a/include/functions.php +++ b/include/functions.php @@ -5,6 +5,8 @@ define('LABEL_BASE_INDEX', -1024); define('PLUGIN_FEED_BASE_INDEX', -128); + define('COOKIE_LIFETIME_LONG', 86400*365); + $fetch_last_error = false; $fetch_last_error_code = false; $fetch_last_content_type = false; @@ -796,9 +798,9 @@ $_SESSION["last_login_update"] = time(); } - if ($_SESSION["uid"] && $_SESSION["language"] && SESSION_COOKIE_LIFETIME > 0) { + if ($_SESSION["uid"] && $_SESSION["language"]) { setcookie("ttrss_lang", $_SESSION["language"], - time() + SESSION_COOKIE_LIFETIME); + time() + COOKIE_LIFETIME_LONG); } if ($_SESSION["uid"]) { -- cgit v1.2.3-54-g00ecf