commit 5608250688333d7b7ae734e690994fece6aecb5c
parent b9cb0e03dd728bb37c89503ce9794980f304feef
Author: Jan Dankert <develop@jandankert.de>
Date: Wed, 28 Aug 2019 00:33:55 +0200
Fix: Login-Timestamp nur bei POST-Requests setzen.
Diffstat:
3 files changed, 15 insertions(+), 6 deletions(-)
diff --git a/modules/cms-core/action/LoginAction.class.php b/modules/cms-core/action/LoginAction.class.php
@@ -770,7 +770,8 @@ class LoginAction extends Action
$user = User::loadWithName($loginName);
$user->loginModuleName = $lastModule;
$user->setCurrent();
-
+ $user->updateLoginTimestamp();
+
if ($user->passwordAlgo != Password::bestAlgoAvailable() )
// Re-Hash the password with a better hash algo.
$user->setPassword($loginPassword);
diff --git a/modules/cms-core/model/User.class.php b/modules/cms-core/model/User.class.php
@@ -114,7 +114,15 @@ class User extends ModelBase
$this->loginDate = time();
\Session::setUser( $this );
-
+ }
+
+
+
+ /**
+ * Benutzer als aktiven Benutzer in die Session schreiben.
+ */
+ public function updateLoginTimestamp()
+ {
$stmt = db()->sql( <<<SQL
UPDATE {{user}}
SET last_login={time}
@@ -123,10 +131,9 @@ SQL
);
$stmt->setInt( 'time' ,time() );
$stmt->setInt( 'userid',$this->userid );
-
+
// Datenbankabfrage ausfuehren
$stmt->query();
-
}
diff --git a/modules/cms-ui/action/IndexAction.class.php b/modules/cms-ui/action/IndexAction.class.php
@@ -125,8 +125,9 @@ class IndexAction extends Action
try
{
$user = User::loadWithName( $username );
- $user->setCurrent();
- Logger::info('auto-login for user '.$username);
+ $user->setCurrent();
+ // Do not update the login timestamp, because this is a readonly request.
+ Logger::info('auto-login for user '.$username);
}
catch( ObjectNotFoundException $e )
{