mirror of
https://github.com/silverstripe/silverstripe-framework
synced 2024-10-22 14:05:37 +02:00
[SS-2016-014] FIX Autologin cookies are ignored if autologin is disabled
This commit is contained in:
parent
281b0de571
commit
b1f449762b
@ -484,7 +484,8 @@ class Member extends DataObject implements TemplateGlobalProvider {
|
|||||||
|
|
||||||
$this->addVisit();
|
$this->addVisit();
|
||||||
|
|
||||||
if($remember) {
|
// Only set the cookie if autologin is enabled
|
||||||
|
if($remember && Security::config()->autologin_enabled) {
|
||||||
// Store the hash and give the client the cookie with the token.
|
// Store the hash and give the client the cookie with the token.
|
||||||
$generator = new RandomGenerator();
|
$generator = new RandomGenerator();
|
||||||
$token = $generator->randomToken('sha1');
|
$token = $generator->randomToken('sha1');
|
||||||
@ -567,7 +568,8 @@ class Member extends DataObject implements TemplateGlobalProvider {
|
|||||||
// Don't bother trying this multiple times
|
// Don't bother trying this multiple times
|
||||||
self::$_already_tried_to_auto_log_in = true;
|
self::$_already_tried_to_auto_log_in = true;
|
||||||
|
|
||||||
if(strpos(Cookie::get('alc_enc'), ':') === false
|
if(!Security::config()->autologin_enabled
|
||||||
|
|| strpos(Cookie::get('alc_enc'), ':') === false
|
||||||
|| Session::get("loggedInAs")
|
|| Session::get("loggedInAs")
|
||||||
|| !Security::database_is_ready()
|
|| !Security::database_is_ready()
|
||||||
) {
|
) {
|
||||||
|
Loading…
Reference in New Issue
Block a user