fanbinit/rhymix
1
0
Fork 0
mirror of https://github.com/Lastorder-DC/rhymix.git synced 2026-01-09 03:32:00 +09:00
Code Issues Projects Releases Packages Wiki Activity

Merge branches 'develop' and 'develop' of github.com:xpressengine/xe-core into develop

Browse source
This commit is contained in:
bnu 2015-05-19 14:39:25 +09:00
commit 0f1d8cc426
2 changed files with 16 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

8
classes/cache/CacheFile.class.php vendored
View file

@ -78,6 +78,10 @@ class CacheFile extends CacheBase
$content[] = 'if(!defined(\'__XE__\')) { exit(); }';
$content[] = 'return \'' . addslashes(serialize($obj)) . '\';';
FileHandler::writeFile($cache_file, implode(PHP_EOL, $content));
if(function_exists('opcache_invalidate'))
{
@opcache_invalidate($cache_file, true);
}
}
/**
@ -139,6 +143,10 @@ class CacheFile extends CacheBase
function _delete($_key)
{
$cache_file = $this->getCacheFileName($_key);
if(function_exists('opcache_invalidate'))
{
@opcache_invalidate($cache_file, true);
}
FileHandler::removeFile($cache_file);
}

11
modules/member/member.controller.php
View file

@ -1650,9 +1650,10 @@ class memberController extends member
$do_auto_login = false;
// Compare key values based on the information
$key = md5($user_id . $password . $_SERVER['HTTP_USER_AGENT']);
$check_key = strtolower($user_id).$password.$_SERVER['HTTP_USER_AGENT'];
$check_key = substr(hash_hmac('sha256', $check_key, substr($args->autologin_key, 0, 32)), 0, 32);
if($key == $args->autologin_key)
if($check_key === substr($args->autologin_key, 32))
{
// Check change_password_date
$oModuleModel = getModel('module');
@ -1837,8 +1838,12 @@ class memberController extends member
if($keep_signed)
{
// Key generate for auto login
$oPassword = new Password();
$random_key = $oPassword->createSecureSalt(32, 'hex');
$extra_key = strtolower($user_id).$this->memberInfo->password.$_SERVER['HTTP_USER_AGENT'];
$extra_key = substr(hash_hmac('sha256', $extra_key, $random_key), 0, 32);
$autologin_args = new stdClass;
$autologin_args->autologin_key = md5(strtolower($user_id).$this->memberInfo->password.$_SERVER['HTTP_USER_AGENT']);
$autologin_args->autologin_key = $random_key.$extra_key;
$autologin_args->member_srl = $this->memberInfo->member_srl;
executeQuery('member.deleteAutologin', $autologin_args);
$autologin_output = executeQuery('member.insertAutologin', $autologin_args);