From 7172dbc0d546b2eec19b87ad2b9812242fa2219d Mon Sep 17 00:00:00 2001
From: Andreas Gohr <andi@splitbrain.org>
Date: Fri, 15 Feb 2008 13:17:16 +0100
Subject: Make session reference file check overridable for auth backends

darcs-hash:20080215121716-7ad00-35d275212e0e3c41626ed64d9096aad10f4ad2db.gz
---
 inc/auth.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'inc/auth.php')

diff --git a/inc/auth.php b/inc/auth.php
index 48888da1e..5c60f8a35 100644
--- a/inc/auth.php
+++ b/inc/auth.php
@@ -157,7 +157,7 @@ function auth_login($user,$pass,$sticky=false,$silent=false){
     if($user && $pass){
       // we got a cookie - see if we can trust it
       if(isset($session) &&
-        ($session['time'] >= @filemtime($conf['cachedir'].'/sessionpurge')) &&
+        $auth->useSessionCache($user) &&
         ($session['time'] >= time()-$conf['auth_security_timeout']) &&
         ($session['user'] == $user) &&
         ($session['pass'] == $pass) &&  //still crypted
-- 
cgit v1.2.3