function qa_set_logged_in_user($userid, $handle = '', $remember = false, $source = null) { if (qa_to_override(__FUNCTION__)) { $args = func_get_args(); return qa_call_override(__FUNCTION__, $args); } require_once QA_INCLUDE_DIR . 'app/cookies.php'; qa_start_session(); if (isset($userid)) { qa_set_session_user($userid, $source); // PHP sessions time out too quickly on the server side, so we also set a cookie as backup. // Logging in from a second browser will make the previous browser's 'Remember me' no longer // work - I'm not sure if this is the right behavior - could see it either way. require_once QA_INCLUDE_DIR . 'db/selects.php'; $userinfo = qa_db_single_select(qa_db_user_account_selectspec($userid, true)); // if we have logged in before, and are logging in the same way as before, we don't need to change the sessioncode/source // this means it will be possible to automatically log in (via cookies) to the same account from more than one browser if (empty($userinfo['sessioncode']) || $source !== $userinfo['sessionsource']) { $sessioncode = qa_db_user_rand_sessioncode(); qa_db_user_set($userid, 'sessioncode', $sessioncode); qa_db_user_set($userid, 'sessionsource', $source); } else { $sessioncode = $userinfo['sessioncode']; } qa_db_user_logged_in($userid, qa_remote_ip_address()); qa_set_session_cookie($handle, $sessioncode, $remember); qa_report_event('u_login', $userid, $userinfo['handle'], qa_cookie_get()); } else { $olduserid = qa_get_logged_in_userid(); $oldhandle = qa_get_logged_in_handle(); qa_clear_session_cookie(); qa_clear_session_user(); qa_report_event('u_logout', $olduserid, $oldhandle, qa_cookie_get()); } }
function qa_set_logged_in_user($userid, $handle = '', $remember = false, $source = null, $categoryid = null) { require_once QA_INCLUDE_DIR . 'qa-app-cookies.php'; qa_start_session(); $suffix = qa_session_var_suffix(); if (isset($userid)) { $_SESSION['qa_session_userid_' . $suffix] = $userid; $_SESSION['qa_session_source_' . $suffix] = $source; $_SESSION['qa_session_verify_' . $suffix] = qa_session_verify_code($userid); $_SESSION['mp_session_category_id_' . $suffix] = $categoryid; // prevents one account on a shared server being able to create a log in a user to Q2A on another account on same server // PHP sessions time out too quickly on the server side, so we also set a cookie as backup. // Logging in from a second browser will make the previous browser's 'Remember me' no longer // work - I'm not sure if this is the right behavior - could see it either way. require_once QA_INCLUDE_DIR . 'qa-db-selects.php'; $userinfo = qa_db_single_select(qa_db_user_account_selectspec($userid, true)); // if we have logged in before, and are logging in the same way as before, we don't need to change the sessioncode/source // this means it will be possible to automatically log in (via cookies) to the same account from more than one browser if (empty($userinfo['sessioncode']) || $source !== $userinfo['sessionsource']) { $sessioncode = qa_db_user_rand_sessioncode(); qa_db_user_set($userid, 'sessioncode', $sessioncode); qa_db_user_set($userid, 'sessionsource', $source); } else { $sessioncode = $userinfo['sessioncode']; } qa_db_user_logged_in($userid, qa_remote_ip_address()); //qa_set_session_cookie($handle, $sessioncode, $remember); qa_set_session_cookie($handle, $sessioncode, $remember, $categoryid); qa_report_event('u_login', $userid, $userinfo['handle'], qa_cookie_get()); } else { $olduserid = qa_get_logged_in_userid(); $oldhandle = qa_get_logged_in_handle(); qa_clear_session_cookie(); unset($_SESSION['qa_session_userid_' . $suffix]); unset($_SESSION['qa_session_source_' . $suffix]); unset($_SESSION['qa_session_verify_' . $suffix]); unset($_SESSION['mp_session_category_id_' . $suffix]); qa_report_event('u_logout', $olduserid, $oldhandle, qa_cookie_get()); } }