From 9dff3249111fcc0b8061cf1013693cd64ca502bb Mon Sep 17 00:00:00 2001
From: BodgeMaster <>
Date: Thu, 20 Feb 2020 22:01:47 +0100
Subject: [PATCH] added session variables

---
 threadr/login/redirect.php | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/threadr/login/redirect.php b/threadr/login/redirect.php
index 3316491..a42ab1c 100644
--- a/threadr/login/redirect.php
+++ b/threadr/login/redirect.php
@@ -13,7 +13,8 @@ if ($statement->rowCount() > 0) {
   //chechk for correct password
   if ($dbentry['authentication_string'] == hash($dbentry['authentication_algorithm'], $password . $dbentry['authentication_salt'])) {
     //password correct
-    echo 1;
+    $_SESSION['user_id'] = $dbentry['id'];
+    $_SESSION['user_ip'] = $_SERVER['REMOTE_ADDR']; //ip will be used to prevent session stealing
   } else {
     //password inorrect
     header("Location: https://lostcave.ddnss.de/common/threadr/login?error=credentials");