From: Jean-Marc Pigeon Date: Thu, 4 Sep 2025 11:05:11 +0000 (-0400) Subject: cookies management seems to be working X-Git-Tag: end-0.15~32 X-Git-Url: https://jmp-git.ovh.safe.ca/?a=commitdiff_plain;h=6c0ed2df5915ce7ae4c7c8ee3a346ed8493b2764;p=jmp%2Fmailleur cookies management seems to be working --- diff --git a/www/gessql.php b/www/gessql.php index 9dbd47b..107498b 100644 --- a/www/gessql.php +++ b/www/gessql.php @@ -74,7 +74,9 @@ function sql_getlogname($dbsql) $OPEP="gessql.php:sql_getlogname"; $logname=NULL; -$cookie=$_COOKIE['mailleur']; +$expire=NULL; +$cookie=$_COOKIE[getenv("APPNAME")]; +$cookie=htmlspecialchars($cookie); $phase=0; $proceed=true; while ($proceed==true) { @@ -85,15 +87,23 @@ while ($proceed==true) { $phase=999; break; case 1 : //is the cookie within database - $cookie=htmlspecialchars($cookie); $stmt=$dbsql->Select("Select * from cookies where cookuuid='$cookie'"); $expire=$stmt->fetch(PDO::FETCH_ASSOC)['expire']; - rou_alert(0,"$OPEP, cookie expire=<$expire>"); + if ($expire==null) { + rou_alert(0,"$OPEP, cookie <$cookie> expire not found in DB!"); + $phase=999; + } + break; + case 2 : //checking if cookie expired + $texpire=strtotime($expire); + if (time()>$texpire) { + rou_alert(0,"$OPEP, cookie <$cookie> time limite"); + $phase=999; + } break; - case 2 : //extracting logname + case 3 : //extracting logname $stmt=$dbsql->Select("Select * from cookies where cookuuid='$cookie'"); $logname=$stmt->fetch(PDO::FETCH_ASSOC)['email']; - rou_alert(0,"$OPEP, cookie logname=<$logname>"); if ($logname==NULL) { //is user known? rou_alert(0,"$OPEP, cookie <$cookie> not found in DB"); $phase=999; diff --git a/www/home.php b/www/home.php index 8a65e60..dff3648 100644 --- a/www/home.php +++ b/www/home.php @@ -7,8 +7,7 @@ include_once "gessql.php"; //section to generate the main screen body // -//define('JMPDBG','1'); -function body($action,$user,$pass) +function body() { //including screen function 
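Review bot: The added `$cookie=htmlspecialchars($cookie);` is now the only processing applied to the client-supplied cookie before it is interpolated into `where cookuuid='$cookie'` in both `Select` calls of the next hunk (cases 1 and 3). HTML encoding is not SQL quoting, because which characters it rewrites depends on the flags and on the PHP version's defaults. Passing the value as a bound parameter removes that dependency, e.g. `$stmt=$pdo->prepare("Select expire,email from cookies where cookuuid=?"); $stmt->execute([$cookie]);`, where `$pdo` stands for whatever PDO handle the `$dbsql` wrapper holds (its `Select` method is not shown on this page). Separately, `$_COOKIE[getenv("APPNAME")]` emits a warning when the cookie is absent, and `getenv()` returns false when APPNAME is unset, so `$name=getenv("APPNAME");` followed by `$cookie=($name!==false) ? ($_COOKIE[$name] ?? null) : null;` would be safer. Whether case 0 already rejects an empty cookie lies outside the hunk.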
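Review bot: The new `rou_alert` messages in cases 1 and 2 embed `$cookie`, a client-controlled value that has only been HTML-encoded, so control characters such as line breaks reach wherever `rou_alert` writes (its definition is outside this page). Logging a short digest keeps entries correlatable without echoing the raw value, e.g. `$cid=substr(hash('sha256',(string)$cookie),0,12);` and `rou_alert(0,"$OPEP, cookie id <$cid> expire not found in DB!");`. Also, `fetch()` returns false when no row matches, so `$stmt->fetch(PDO::FETCH_ASSOC)['expire']` indexes a boolean before the `$expire==null` test. Fetching the row once, testing it with `=== false`, and reading both `expire` and `email` from it would cover cases 1 and 3 with a single query. In case 2, `strtotime($expire)` returns false for an unparseable value, and an explicit `if ($texpire===false || time()>$texpire)` states the fail-closed intent instead of relying on loose comparison.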
@@ -30,7 +29,6 @@ $STR = << $login -USERNAME=$user $footer @@ -39,8 +37,6 @@ EOT; return $STR; } -$logname="U1"; -$pass="P1"; if ($_SERVER["REQUEST_METHOD"] == "POST") { $pass=$_POST["passwd"]; $logname=$_POST["email"]; @@ -60,7 +56,7 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") { } //display main screen -echo body($action,$logname,$pass); +echo body(); ?>