Fix for bug 90468: Bugzilla does not log out automatically when closing

the session. Patch by toms@myrealbox.com (Toms Baugis), with minor cleanups by me. r=kiko, a=myk.
author: kiko%async.com.br <> 2004-01-17 07:46:30 +0100
committer: kiko%async.com.br <> 2004-01-17 07:46:30 +0100
commit: 09763eb1eb5d0f9b5284edb08ce76b216b358cc5 (patch)
tree: 5db921e1d9c736ac8252f656b2e279c1dd396f2e /Bugzilla/Auth
parent: 3aeef0535633570b09014f6858c688c6c8e43f22 (diff)
download: bugzilla-09763eb1eb5d0f9b5284edb08ce76b216b358cc5.tar.gz
bugzilla-09763eb1eb5d0f9b5284edb08ce76b216b358cc5.tar.xz
1 files changed, 22 insertions, 7 deletions
diff --git a/Bugzilla/Auth/CGI.pm b/Bugzilla/Auth/CGI.pm
index afbf98b27..c453f2dcd 100644
--- a/Bugzilla/Auth/CGI.pm
+++ b/Bugzilla/Auth/CGI.pm
@@ -72,17 +72,32 @@ sub login {
                  $userid, $ipaddr);
         my $logincookie = $dbh->selectrow_array("SELECT LAST_INSERT_ID()");
 
-        $cgi->send_cookie(-name => 'Bugzilla_login',
-                          -value => $userid,
-                          -expires => 'Fri, 01-Jan-2038 00:00:00 GMT');
-        $cgi->send_cookie(-name => 'Bugzilla_logincookie',
-                          -value => $logincookie,
-                          -expires => 'Fri, 01-Jan-2038 00:00:00 GMT');
+        # Remember cookie only if admin has told so
+        # or admin didn't forbid it and user told to remember.
+        if ((Param('rememberlogin') eq 'on') ||
+            ((Param('rememberlogin') ne 'off') &&
+             ($cgi->param('Bugzilla_remember') eq 'on'))) {
+            $cgi->send_cookie(-name => 'Bugzilla_login',
+                              -value => $userid,
+                              -expires => 'Fri, 01-Jan-2038 00:00:00 GMT');
+            $cgi->send_cookie(-name => 'Bugzilla_logincookie',
+                              -value => $logincookie,
+                              -expires => 'Fri, 01-Jan-2038 00:00:00 GMT');
+
+        }
+        else {
+            $cgi->send_cookie(-name => 'Bugzilla_login',
+                              -value => $userid);
+            $cgi->send_cookie(-name => 'Bugzilla_logincookie',
+                              -value => $logincookie);
+
+        }
 
         # compat code. The cookie value is used for logouts, and that
         # isn't generic yet.
         $::COOKIE{'Bugzilla_logincookie'} = $logincookie;
-    } elsif ($authres == AUTH_NODATA) {
+    }
+    elsif ($authres == AUTH_NODATA) {
         # No data from the form, so try to login via cookies
         $username = $cgi->cookie("Bugzilla_login");
         $passwd = $cgi->cookie("Bugzilla_logincookie");
author	kiko%async.com.br <>	2004-01-17 07:46:30 +0100
committer	kiko%async.com.br <>	2004-01-17 07:46:30 +0100
commit	09763eb1eb5d0f9b5284edb08ce76b216b358cc5 (patch)
tree	5db921e1d9c736ac8252f656b2e279c1dd396f2e /Bugzilla/Auth
parent	3aeef0535633570b09014f6858c688c6c8e43f22 (diff)
download	bugzilla-09763eb1eb5d0f9b5284edb08ce76b216b358cc5.tar.gz bugzilla-09763eb1eb5d0f9b5284edb08ce76b216b358cc5.tar.xz