From f93528ffab19b7a733fc8fb21c22853d8ec0d2f5 Mon Sep 17 00:00:00 2001
From: Andy Staudacher <andy.st@gmail.com>
Date: Sun, 7 Feb 2010 15:37:32 -0800
Subject: Last partial fix for ticket 585: Compartmentalize the admin area and
 require active authentication every 20 minutes to access the admin area.

Also renaming auth::validate_too_many_failed_password_changes to validate_too_many_failed_auth_attempts since it's used in this generalized way in 3 places now.
---
 modules/gallery/helpers/gallery_event.php | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'modules/gallery/helpers/gallery_event.php')

diff --git a/modules/gallery/helpers/gallery_event.php b/modules/gallery/helpers/gallery_event.php
index 5fa82160..63f33c12 100644
--- a/modules/gallery/helpers/gallery_event.php
+++ b/modules/gallery/helpers/gallery_event.php
@@ -110,6 +110,7 @@ class gallery_event_Core {
       graphics::choose_default_toolkit();
       module::clear_var("gallery", "choose_default_tookit");
     }
+    Session::instance()->set("active_auth_timestamp", time());
     auth::clear_failed_attempts($user);
   }
 
@@ -119,6 +120,7 @@ class gallery_event_Core {
 
   static function user_auth($user) {
     auth::clear_failed_attempts($user);
+    Session::instance()->set("active_auth_timestamp", time());
   }
 
   static function item_index_data($item, $data) {
-- 
cgit v1.2.3