Coding standards
Security in ResourceSpace
Developer reference
Database
Action functions
Admin functions
Ajax functions
Annotation functions
API functions
Collections functions
Comment functions
Config functions
CSV export functions
Dash functions
Debug functions
Encryption functions
Facial recognition functions
File functions
General functions
Language functions
Log functions
Login functions
Message functions
Migration functions
Node functions
PDF functions
Plugin functions
Render functions
Reporting functions
Request functions
Research functions
Slideshow functions
Theme permission functions
User functions
Video functions
Database functions
Metadata functions
Resource functions
Search functions
Map functions
Job functions
Tab functions
Test functions

set_login_cookies()

Description

Set login cookies

Parameters

ColumnTypeDefaultDescription
$user integer User ref
$session_hash string User session hash
$language string "" Language code (e.g en)
$user_preferences boolean true Set colour theme from user preferences

Return

void

Location

include/login_functions.php lines 264 to 294

Definition

 
function set_login_cookies($user$session_hash$language ""$user_preferences true)
    {
    global 
$baseurl$baseurl_short$allow_keep_logged_in$default_res_types$language;
    
$expires=0;
    if((string)(int)
$user!=(string)$user || $user 1)
        {
        
debug("set_login_cookies() - invalid paramters passed : " func_get_args());
        return 
false;
        }
    if (
$allow_keep_logged_in && getval("remember","")!="") {$expires 100;} # remember login for 100 days
            
    
if($language != "")
        {
        
# Store language cookie
        
rs_setcookie("language"$language1000); # Only used if not global cookies
        
rs_setcookie("language"$language1000$baseurl_short "pages/");
        }
        
    
# Set the session cookie. Do this for all paths that nay set the cookie as otherwise we can end up with a valid cookie at e.g. pages/team or pages/ajax
    
rs_setcookie("user"""0$baseurl_short);
    
rs_setcookie("user"""0$baseurl_short "pages");
    
rs_setcookie("user"""0$baseurl_short "pages/team");
    
rs_setcookie("user"""0$baseurl_short "pages/admin");
    
rs_setcookie("user"""0$baseurl_short "pages/ajax");

    
# Set user cookie, setting secure only flag if a HTTPS site, and also setting the HTTPOnly flag so this cookie cannot be probed by scripts (mitigating potential XSS vuln.) 
    
rs_setcookie("user"$session_hash$expires$baseurl_short""substr($baseurl,0,5)=="https"true);

    
# Set default resource types
    
rs_setcookie('restypes'$default_res_types);
    }

This article was last updated 12th December 2024 20:35 Europe/London time based on the source file dated 25th November 2024 11:45 Europe/London time.