From 60e1eacc593b212b02edcf788b4c7c4e2e76fe27 Mon Sep 17 00:00:00 2001 From: Focuslinkstech <45756999+Focuslinkstech@users.noreply.github.com> Date: Thu, 10 Oct 2024 16:24:36 +0100 Subject: [PATCH] fix login loop --- system/autoload/Admin.php | 19 ++++++++++--------- 1 file changed, 10 insertions(+), 9 deletions(-) diff --git a/system/autoload/Admin.php b/system/autoload/Admin.php index d6b51718..6ac427c7 100644 --- a/system/autoload/Admin.php +++ b/system/autoload/Admin.php @@ -47,18 +47,19 @@ class Admin if (sha1("$tmp[0].$tmp[1].$db_pass") == $tmp[2]) { // Validate the token in the cookie $isValid = self::validateToken($tmp[0], $_COOKIE['aid']); - if (!$isValid) { + if (!empty($_COOKIE['aid']) && !$isValid) { self::removeCookie(); _alert(Lang::T('Token has expired. Please log in again.'), 'danger', "admin"); return 0; - } + } else { - if (time() - $tmp[1] < 86400 * 7) { - $_SESSION['aid'] = $tmp[0]; - if ($enable_session_timeout) { - $_SESSION['aid_expiration'] = time() + $session_timeout_duration; + if (time() - $tmp[1] < 86400 * 7) { + $_SESSION['aid'] = $tmp[0]; + if ($enable_session_timeout) { + $_SESSION['aid_expiration'] = time() + $session_timeout_duration; + } + return $tmp[0]; } - return $tmp[0]; } } } @@ -83,7 +84,7 @@ class Admin setcookie('aid', $token, [ 'expires' => time() + 86400 * 7, // 7 days 'path' => '/', - 'domain' => $app_stage, + 'domain' => '', 'secure' => $isSecure, 'httponly' => true, 'samesite' => 'Lax', // or Strict @@ -113,7 +114,7 @@ class Admin setcookie('aid', '', [ 'expires' => time() - 3600, 'path' => '/', - 'domain' => $app_stage, + 'domain' => '', 'secure' => $isSecure, 'httponly' => true, 'samesite' => 'Lax',