From e654a733b27f0435331dae44b31eff8ed152ebf6 Mon Sep 17 00:00:00 2001 From: Florian Pritz Date: Sat, 14 Apr 2012 22:15:53 +0200 Subject: Allow to keep and reclaim uploads without being logged in If a user keeps the browser open until his session expires and then tries to upload something we now add it to the database, add the ID to the new session and when someone logs in with that session the ID is assigned. Until then even if you guess it correctly, you won't be able to download it. If the user still manages to let the 2nd session expire because he can't find his password, the upload will be lost. Shit happens. Signed-off-by: Florian Pritz --- application/models/muser.php | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) (limited to 'application/models/muser.php') diff --git a/application/models/muser.php b/application/models/muser.php index 532fdeb1a..169182c46 100644 --- a/application/models/muser.php +++ b/application/models/muser.php @@ -47,11 +47,19 @@ class Muser extends CI_Model { function get_username() { + if (!$this->logged_in()) { + return ""; + } + return $this->session->userdata('username'); } function get_userid() { + if (!$this->logged_in()) { + return 0; + } + $query = $this->db->query(" SELECT id FROM users @@ -69,7 +77,9 @@ class Muser extends CI_Model { echo "FileBin requires you to have an account, please go to the homepage for more information.\n"; exit(); } else { - $this->session->set_flashdata("uri", $this->uri->uri_string()); + if (!$this->session->userdata("flash:new:uri")) { + $this->session->set_flashdata("uri", $this->uri->uri_string()); + } redirect('user/login'); } } -- cgit v1.2.3-24-g4f1b